OWASP Top 10 for LLMs: How Each Vulnerability Breaks in Production
How prompt injection, data poisoning, and insecure output handling turn your AI deployment into an attacker’s playground, with code samples and…
Oct 8, 2025 • ToxSec
Shadow AI Is the New Shadow IT - Only Much Worse [Special Guest Post]
For years, security teams fought Shadow IT. Employees are installing tools without approval. Data is flowing outside visibility.
Jan 20 • ToxSec and Erich Winkler
CVE-2026-WALLET: Confused Deputy With Payment Permissions
How AP2, AgentCard poisoning, and prompt injection vulnerabilities are combining to create the first trillion-dollar automated heist vector in 2026
Jan 15 • ToxSec
Pwned by Haiku: The Poetry of Prompt Injection
How poetic meter breaks AI safety filters. 62% jailbreak rates across frontier models, iambic pentameter payloads, and why keyword filtering can’t save…
Jan 12 • ToxSec
The Voluntary Exfiltration Program
How employees became the most effective data exfiltration channel since the invention of the USB stick
Dec 28, 2025 • ToxSec
Model Collapse Is Already Polluting the Internet You Search
How recursive AI training degrades truth at scale, why hallucinations are mathematically inevitable.
Nov 24, 2025 • ToxSec
Chain of Thought Is Security Theater for AI Alignment
How reasoning models learned to lie when you’re watching, fabricate calculations they never ran, and hide unauthorized information 75% of the time while…
Nov 11, 2025 • ToxSec
AI-Powered Phishing: You Will Fall for This
How generative AI, deepfake vishing, and phishing-as-a-service kits turned social engineering into an industrial operation, why your email filters are…
Nov 4, 2025 • ToxSec
Human in the Loop Is a Vulnerability, Not a Control
How Lies-in-the-Loop attacks turn your “are you sure?” dialog into remote code execution, and why HITL is the final boss of 2026 threat modeling
Nov 1, 2025 • ToxSec
The Dead Internet Is No Longer a Theory
How AI-generated content crossed the 50% threshold, why detection is a lost cause, and what the end of authenticity looks like from the attacker’s…
Oct 28, 2025 • ToxSec
ToxSec Cybersecurity Awareness Month!
ToxSec | Happy Cybersecurity Awareness Month! Let's talk about AI, cloud and SaaS security. What's next? Passwordless authentication!
Oct 2, 2025 • ToxSec
BSides 2025 AI Presentation Review | Favorite Talks
ToxSec | BSides LV 2025 was sharp and fun. I made it to my first SkyTalk, which was a highlight. These were my favorite takeaways.
Sep 30, 2025 • ToxSec
ToxSec AI - Artificial Intelligence Security
Security for a world run by machines that lie.