A structured methodology for red teaming LLM applications: attack taxonomy, scoping, tooling (Garak, PyRIT, PromptBench), and translating findings into actionable security controls.
A structured methodology for red teaming LLM applications: attack taxonomy, scoping, tooling (Garak, PyRIT, PromptBench), and translating findings into actionable security controls.
A UK law firm's misconfigured AI document assistant was exploited to systematically extract privileged client communications and M&A due diligence files over six weeks.
Model inversion and training data extraction attacks allow adversaries to recover PII, proprietary data, and trade secrets from fine-tuned LLMs exposed via API.
A newly tracked cluster uses LLMs to automate spear phishing, accelerate vulnerability research, and generate disinformation targeting AI researchers and ML engineers.
How malicious content in external data sources can hijack agent behaviour in LangChain, LlamaIndex, and AutoGen-style agents via indirect prompt injection through tool responses.