Zenity Labs

Catching Prompt Guard Off Guard: Exploiting Overfit in Training Algorithms

How understanding the training algorithms used in machine learning models may allow attacker to bypass them entirely

PerplexedBrowser: How Attackers Can Hijack Comet to Takeover your 1Password Vault

One Calendar Invite. Your Entire Vault. Zero Clicks.

PerplexedBrowser: Perplexity’s Agent Browser Can Leak Your PC's Local Files

Local Files Are No Longer Safe.

Turning Moltbook Into a Global Botnet Map

How Untrusted Content Triggered 1,000+ Agent Endpoints Worldwide and Exposed Moltbook’s Faulty Design

Looking Inside: a Maliciousness Classifier Based on the LLM's Internals

Beyond input & output filtering and how well does it generalize to your out-of-distribution production data?

Perplexity Comet: A Reversing Story

A deeper look into an agentic browser's inner workings

OpenClaw or OpenDoor?

Indirect Prompt Injection makes OpenClaw vulnerable to Backdoors and much more.

Agent-to-Agent Exploitation in the Wild: Observed Attacks on Moltbook

Agent-targeted social engineering and attacks observed on a live agent network

Clawdbot: More than you bargained for?

Agentic Recon: Discovering and Mapping Public AI Agents

A Copilot Studio case study in agent discovery and capability mapping

Threat Actors Are Already Scanning For Your AI Deployments and Middleware

What recent scanning activity means for your AI middleware and agentic deployments

Moving The Decision Boundary of LLM Safety Classifiers

How a new fine-tuning approach can mitigate the problem of inaccurate safety paths