Appendix: Interpreting Jailbreaks and Prompt Injections with Attribution Graphs

Interpreting Jailbreaks and Prompt Injections with Attribution Graphs

Breaking down AgentKit's Guardrails

A deep dive into OpenAI's AgentKit guardrails, how they are implemented, and where they fail

Analyzing The Security Risks of OpenAI's AgentKit

Exhibit & Exploit: Two DEF CON 33 Highlights from the Past & Future of Hacking

Humans, hacker culture and AI: Notes from Hacker Summer Camp

Prompt Mines: 0-Click Data Corruption In Salesforce Einstein

AgentFlayer: Minimum Clicks, Maximum Leaks: Tilling ChatGPT’s Attack Surface

Exploiting ChatGPT with Language Alone: A Deep Dive into 0Click and 1Click Attacks.

AgentFlayer: ChatGPT Connectors 0click Attack

AI Enterprise Compromise - 0click Exploit Methods

AgentFlayer: When a Jira Ticket Can Steal Your Secrets

TL;DR: A 0click attack through a malicious Jira ticket can cause Cursor to exfiltrate secrets from the repository or local file system.

Why Aren’t We Making Any Progress In Security From AI

Guardrails Are Soft Boundaries. Hard Boundaries Do Exist.

Reconstructing a timeline for Amazon Q prompt infection

How a rogue GitHub commit, automation missteps, and a deceptive AI assistant led to one of the most bizarre prompt injection cases in recent memory.