ToxSec
@toxsec.bsky.social
AI Security Engineer @ Amazon.
M.S. Cybersecurity, CISSP.
Ex-NSA, USMC.
Excessive Agency is an OWASP Top 10 Threat. Make sure you watch what permissions you are giving your Agents.
Remember to apply principles of least privilege and audit their actions closely.
#ai #cybersecurity #technology
November 9, 2025 at 6:43 PM
Traditional cybersecurity attacks are still here for LLMs. I’ve seen several new logic attacks that are pretty effective, especially when connected to a RAG.
Think Forkbomb for your chatbot. Reeaaaaallly pricy if you don’t have failsafes and ways to detect it.
November 7, 2025 at 5:49 PM
Reading “Chip Wars” and got me thinking, with all the data centers spinning up, I hope we got the best of the best on call haha.
November 6, 2025 at 5:46 PM
The #1 biggest threat to your ai product.
November 4, 2025 at 6:26 PM
TLDR: China’s firewall just leaked 500+ GB of its internal censorship tech. Big win for transparency, big red-flag for digital repression tools going global.
November 2, 2025 at 10:12 PM
Stop trusting headers. Force the alg, own the app.
Learn JWT security: www.toxsec.com/p/hacking-jw...
#AppSec #InfoSec
October 17, 2025 at 1:33 AM
GenAI apps break differently. Learn the Top 10 ways here:
www.toxsec.com/p/owasp-top-...
#GenAI #Cybersecurity #OWASP
October 9, 2025 at 4:34 AM
Cyber Security Awareness Month!
Resilience > perimeter. One bad update took down the world—do you have a kill-switch and a rollback? www.toxsec.com/p/toxsec-cyb...
#SecOps #Resilience
October 3, 2025 at 1:33 AM
New Article Concept art lol.
September 30, 2025 at 4:20 PM