Why ordinary-looking emails, comments, and diagrams can hijack LLMs | Fogel.dev
This is a long compilation of all the recorded MCP security flaws in the wild. | composio.dev
We reveal a powerful metadata-spoofing attack that exploits Claude's iMessage integration to mint unlimited Stripe coupons or invoke any MCP tool with arbitrary parameters, without alerting the user. | www.generalanalysis.com
Stress testing enterprise AI models to find failure modes. | www.generalanalysis.com
Here's yet another example of a lethal trifecta attack, where an LLM system combines access to private data, exposure to potentially malicious instructions and a mechanism to communicate data back … | Simon Willison’s Weblog