Topics
Browse posts by category and tag — every topic we cover, with the latest pieces under each.
Tags
- #prompt-injection 10
- #llm-security 6
- #indirect-prompt-injection 4
- #indirect-injection 3
- #red-team 2
- #threat-modeling 2
- #agent-hijacking 1
- #agent-security 1
- #agentic-ai 1
- #aisec 1
- #ascii-smuggling 1
- #bing 1
- #bypass 1
- #canary-tokens 1
- #case-study 1
- #compliance 1
- #defense 1
- #detection 1
- #eu-ai-act 1
- #garak 1
- #incident-analysis 1
- #invisible-text 1
- #jailbreaking 1
- #llama 1
- #multi-modal 1
- #open-source-models 1
- #owasp-llm 1
- #owasp-llm-top-10 1
- #policy 1
- #promptmap 1
- #pyrit 1
- #rag 1
- #real-world 1
- #rebuff 1
- #regulatory-liability 1
- #sydney 1
- #taxonomy 1
- #testing 1
- #tokenization 1
- #tooling 1
- #unicode 1
Categories
offensive 2 posts
- Invisible Prompt Injection: The Unicode Tag Smuggling Technique
  Unicode Tag characters let attackers embed invisible prompt injection payloads that still tokenize as instructions. How it works and what stops it.
- Indirect Prompt Injection Against a Llama 3 RAG Pipeline: How the Attack Classes Work
  A documentation-based walkthrough of indirect prompt injection against an unhardened Llama 3.1 8B document-QA pipeline: the four attack classes, the
primer 2 posts
- A Working Taxonomy of Prompt Injection Attack Types
  Direct, indirect, multi-modal, and agentic prompt injection are distinct attack classes with different trust boundaries, attacker access requirements, and
- Prompt Injection vs. Jailbreaking: Two Conflated Attack Classes
  Prompt injection and jailbreaking both use natural language to subvert LLM behavior, but the attacker, the trust boundary that breaks, and the defenses