confused deputy
2 posts
Article
The guard checks the badge, never the room
Prompt injection is role confusion: systems that derive content authority from channel trust execute attacker input as instruction.
Article
RedSun turned Defender into a write primitive
RedSun turned Windows Defender's remediation path into a SYSTEM-level write primitive. The mechanism, the class, and what it exposes.