Tag

#prompt-injection

3 posts tagged prompt-injection.

news

How LLM Chatbots Leak Data Through Their Own Rendered Output

A recurring AI-security finding: an injected instruction makes the model emit a markdown image whose URL carries the user's data to an attacker server. Why this works, why CSP is the real fix, and what to check this week.
May 15, 2026
news

Indirect Prompt Injection: The Agent Era's Default Vulnerability

As LLM agents gained tools and memory, the dangerous injection stopped coming from the user and started coming from the data the agent reads. A defender's breakdown of why this class resists patching and what containment looks like.
May 11, 2026
news

The OWASP LLM Top 10 (2025) Changed More Than the Numbering

The 2025 revision of the OWASP Top 10 for LLM Applications added system-prompt leakage and vector/embedding weaknesses, and reframed the supply-chain entry. Here's what actually shifted and why it matters for defenders.
May 8, 2026