Security Topics

August 22, 2025

708

Lenovo AI Chatbot Incident: Critical XSS Vulnerability Exposes Enterprise AI Security Gaps

In August 2025, Lenovo quietly patched a critical vulnerability in its AI chatbot “Lena” that could have allowed attackers to steal session cookies and potentially compromise customer support systems through a single 400-character prompt—highlighting a new class of AI-driven security threats that most organizations are unprepared to defend against. The ...

August 21, 2025

256

Article + GenAI Security ADMIN

What Can Generative AI Red Teaming Learn from Cyber Red Teaming — Top Insights

The rapid deployment of generative AI systems across critical infrastructure has created an unprecedented security challenge: how do we effectively test and secure systems that can generate content, make decisions, and interact with users in ways we never fully anticipated — even with AI Red Teaming in place? A groundbreaking ...

August 20, 2025

669

GenAI Security + GenAI Security Digest ADMIN

Top GenAI Security Resources — August 2025

Explore the Top GenAI Resources to stay informed about the most pressing risks and defenses in the field. As GenAI becomes deeply integrated into products, workflows, and user-facing systems, attackers are actively exploiting its vulnerabilities. Prompt injections, jailbreaks, unsafe output handling, and compromised integrations are exposing critical gaps in security. ...

August 7, 2025

632

MCP Security + MCP Security Digest ADMIN

Top MCP Security Resources — August 2025

MCP Security is a top concern for anyone building Agentic AI systems. The Model Context Protocol (MCP) connects tools, agents, and actions. It plays a role similar to TCP/IP—but for autonomous workflows. If MCP is compromised, the entire agent stack is at risk. Attackers can inject prompts, hijack tools, and ...

August 5, 2025

32

Review + GenAI Security ADMIN

UNESCO Red Teaming Artificial Intelligence for Social Good The PLAYBOOK — Top Insights

NOTE: This Blurpring should not be viewed as an alternative to in-depth AI Red Teaming done by professionals but rather a first step to understand AI Risks Posture. In an era where generative AI systems are becoming deeply embedded in our digital infrastructure, the UNESCO Red Teaming Playbook emerges as ...

July 31, 2025

64

Article + Agentic AI Security ADMIN

Amazon AI Coding Assistant Q Incident: Lessons Learned

Introduction. When AI Becomes the Attack Vector In the world of AI red teaming, we often ask ourselves: “What’s the worst that could happen?” On July 2025, we got our answer—and it wasn’t from a sophisticated nation-state actor or a zero-day exploit. It came from a single frustrated hacker who ...

July 29, 2025

53

Review + Agentic AI Security ADMIN

OWASP Securing Agentic Applications Guide 1.0 — Top 7 Strategic Insights

As we stand at the precipice of the agentic AI revolution, organizations worldwide are racing to deploy autonomous AI systems that can reason, plan, and execute tasks independently. Yet, with great autonomy comes great risk. The OWASP Securing Agentic Applications Guide 1.0 is an essential manual for the age of ...

July 22, 2025

177

Article + MCP Security ADMIN

Top MCP Defense Resources: Essential Security Guide

The Model Context Protocol (MCP) has emerged as a “USB-C port for AI applications” that standardizes how AI systems interact with external data sources and tools. While MCP revolutionizes AI integration by enabling seamless connections between AI models and diverse services, this powerful capability introduces significant MCP defense and security challenges ...

July 17, 2025

141

Article + MCP Security ADMIN

Top MCP Threats Resources: A Comprehensive Guide to Model Context Protocol Security

The Model Context Protocol (MCP), introduced by Anthropic in November 2024, has rapidly emerged as the “USB-C port for AI Agents and applications” — revolutionizing how AI systems interact with external tools and data sources. This protocol standardizes the connection between Large Language Models (LLMs) and various services, enabling powerful ...