5 min readFeatured
Prompt Injection Grew Up
Indirect prompt injection has moved from research demos to real CVEs in Microsoft 365 Copilot, GitHub Copilot, Cursor, and Claude connectors. A short read on where the threat actually stands now.
Topic archive
AppSec
3 posts, newest first.
5 min read
SSRF in PDF and HTML Rendering Pipelines: What Puppeteer-Style Services Get Wrong
Why headless-browser renderers quietly become one of the most powerful SSRF primitives in your stack, and how to think about controls before the next 'just render this URL' feature ships.
5 min readFeatured
Tokenization Attacks: The AI Security Risk Almost Nobody Models
Why retrieved text is not just ‘untrusted input’ but an attacker-controlled instruction channel when your model can call tools — and how to think about controls without magical safety guarantees.