Tools of the Trade

0-click indirect prompt injection with tool use - a look through attribution graphs

Modeling LLMs via Structured Self-Modeling (SSM)

How using structured prompts present findings of self-modeling in LLMs, which may benefit both attackers and defenders

Data-Structure Injection (DSI) in AI Agents

How controlling the structure of the prompt, not just the semantics, can exploit your AI agents and their tools

AgentFlayer: Versión en español.

Exploring the Risks of ChatGPT’s Atlas Browser

Appendix: Interpreting Jailbreaks and Prompt Injections with Attribution Graphs

Interpreting Jailbreaks and Prompt Injections with Attribution Graphs

Breaking down AgentKit's Guardrails

A deep dive into OpenAI's AgentKit guardrails, how they are implemented, and where they fail

Analyzing The Security Risks of OpenAI's AgentKit

Exhibit & Exploit: Two DEF CON 33 Highlights from the Past & Future of Hacking

Humans, hacker culture and AI: Notes from Hacker Summer Camp

Prompt Mines: 0-Click Data Corruption In Salesforce Einstein

AgentFlayer: Minimum Clicks, Maximum Leaks: Tilling ChatGPT’s Attack Surface

Exploiting ChatGPT with Language Alone: A Deep Dive into 0Click and 1Click Attacks.