Sitemap - 2026 - ToxSec - AI and Cybersecurity

Google SAIF: The Agent Security Map

How OpenAI’s Cyber Defense Plan Backs the Defenders

Decision Tracing: The Missing Piece in Every AI Agent Breach

AI Tar Pits Are Drowning LLM Scrapers in Infinite Garbage

Meta's Rule of Two: The Fix for Agent Prompt Injection

Fable 5 Export Control Takedown: One Jailbreak, Whole Planet Dark

Agentic AI Attacks Explained: How Autonomous Agents Hack You in 2026 (and How to Stop Them)

Why AI Guardrails Can’t Tell Your Research From an Attack

LLM Defense in Depth: Assume Breach and Contain the Blast

AI Sandbox Escape: Why Docker Can’t Hold Frontier Models

Google I/O: Agentic Security and New Threats

How to Threat Model AI Applications With STRIDE

Consulting

Contact

CIA Triad for LLM Security: Real-World AI Attack Failures

Is Vibe Coding Safe? 3 Security Checks Every AI Coder Needs

Mozilla Mythos Harness: AI Bug Hunting Without The Slop

Promptfoo Red Teaming: DAST for Your LLM Pipeline

Garak Vulnerability Scanner: Nessus for LLMs

PyRIT AI Red Teaming: Metasploit for LLMs

What is Slopsquatting? AI Hallucinations Ship Malware

Is Claude Code Secretly Installing Spyware?

Token-Level AI Security: The Opus 4.7 Tokenizer Graveyard

How to Jailbreak Claude Opus 4.7: A Bug Bounty Field Guide

You Downloaded Gemma 4 from Hugging Face. Is It Safe to Run?

Is Your Local AI Model Backdoored by Your Politics? Sleeper Agents Exposed

AI Governance Frameworks in 2026: What Compliance Actually Requires

AI Coding Tools Default to Insecure Patterns: The 5-Minute Rules File Fix

Hardcoded Secrets in AI-Generated Code: Catch Them Before Git Does

Gemini 0.37%, Claude 0.25%, Grok 0%. Humans Destroyed Them All: ARC-AGI-3

Stop Multimodal Prompt Injection: JPEG, Re-Encode & Dual-LLM Fixes

Model Denial of Service Turns Your Cloud Bill Into a Weapon

IBM X-Force 2026 Threat Index Confirms AI Made Offense Cheap

Vibe Coding Security Flaws Ship Shells, Keys, and Admin Access

AI Security Glossary & Attack Taxonomy

AI Security 101

The AI Kill Chain Explained: Two Frameworks Every Defender Needs

Two Studies Exposed What AI Agents Do When Nobody's Watching

MCP Tool Poisoning Defense: Kill Three Chains

Distillation Raids, Slopsquatting, and the Agent Trap

Zero Trust Home Network: AI Breaks Flat WiFi in Minutes

ToxSec Editorial Disclaimer

Nobody Knows What to Call This Job Yet. But Everyone Is Hiring for It. [Special Guest Post]

The Real Security Problem With LLM APIs Is Distillation

OpenAI Signs What Anthropic Wouldn't, Models Break Everything Anyway

Darknet Chatbots in Action: Jailbroken AI Demo over Tor

One Magic String from Anthropic Silences Claude (RAG DoS Exposed)

Dark LLMs and Agentic Browsers Share One Fatal Flaw

MCP Tool Poisoning in the Wild: Three Chains, Real Screenshots

RAG Poisoning Turns Your Knowledge Base Into an Attack Surface

LLM Guardrail Evasion Stacks Encoding to Bypass Every Filter

F*ck Your Guardrails: Live Fire Prompt Injection

OpenClaw Defaults Ship Insecure and Shodan Already Found Them

The OpenClaw Security Checklist

LLM Jailbreaks Get Easier as Models Get Smarter

Shadow AI Is the New Shadow IT - Only Much Worse [Special Guest Post]

AP2 AgentCard Poisoning Breaks AI Payment Security

Adversarial Poetry Jailbreaks LLMs at 62% Across 25 Models