Google SAIF: The Agent Security Map
Google’s Secure AI Framework draws the full agent attack surface, names the risks, and hands you the controls. A vendor did the boring, useful work for…
Jul 1 • ToxSec
How OpenAI’s Cyber Defense Plan Backs the Defenders
A five-pillar action plan, a tiered Trusted Access program, and a cyber-tuned model that stops treating every defender like a suspect.
Jun 28 • ToxSec
Decision Tracing: The Missing Piece in Every AI Agent Breach
When an agent goes rogue, prompt filters are useless. You need a replayable record of every decision, tool call, and the reasoning that fired them.
Jun 25 • ToxSec
AI Tar Pits Are Drowning LLM Scrapers in Infinite Garbage
How tools like Nepenthes, Iocaine, and Cloudflare’s AI Labyrinth trap unauthorized crawlers in endless mazes of generated nonsense and poison the…
Jun 21 • ToxSec
Meta's Rule of Two: The Fix for Agent Prompt Injection
The two-of-three rule that snaps the AI agent prompt injection chain, why it works, and the three seams where it still leaks.
Jun 18 • ToxSec
Fable 5 Export Control Takedown: One Jailbreak, Whole Planet Dark
How a narrow, non-universal jailbreak triggered the first government-forced kill switch on a deployed frontier model, and why deemed-export law made the…
Jun 14 • ToxSec
Agentic AI Attacks Explained: How Autonomous Agents Hack You in 2026 (and How to Stop Them)
Goal hijack, tool misuse, memory poisoning, and the confused deputy problem, plus the least-privilege playbook that actually kills the chain.
Jun 7 • ToxSec
Why AI Guardrails Can’t Tell Your Research From an Attack
The model resolves on shape, not intent, and that single fact explains every weird refusal you’ve ever hit.
Jun 4 • ToxSec
LLM Defense in Depth: Assume Breach and Contain the Blast
Prompt injection will land. Stack probabilistic filters with deterministic controls so what gets through can’t reach anything worth taking.
May 31 • ToxSec
AI Sandbox Escape: Why Docker Can’t Hold Frontier Models
Frontier models escape Docker containers for $1, n8n sandboxes ship RCE, and ROME mined crypto during training with nobody asking.
May 28 • ToxSec
Google I/O: Agentic Security and New Threats
Project Mariner browses for you, A2A lets agents trust agents, and managed MCP is everywhere. Nobody on stage said “threat model.”
May 25 • ToxSec
How to Threat Model AI Applications With STRIDE
AI-STRIDE maps six classic threat categories to LLM pipelines, agent tools, and training data. Here’s the walkthrough.
May 22 • ToxSec
ToxSec - AI and Cybersecurity
Security for a world run by machines that lie.