llm security
5 posts
AWS Bedrock puts Anthropic inside your data path
AWS Bedrock's required data sharing with Anthropic redefines the trust boundary for third-party LLMs. What failed, why, and what must now be true.
The chatbot answered the door for attackers
Meta's Instagram chatbot abuse case is a prompt injection and confused deputy failure. Technical breakdown of the vector, telemetry gap, and residual exposure.
Mid-2024: a drunk LLM found a ksmbd kernel bug
How researchers used degraded LLM prompts to find a remote OOB write in the Linux kernel's ksmbd module, and what it means for kernel security.
Binding 65535 ports is the easy part
Architecture and evasion realities of an LLM honeypot binding all 65535 ports - TPROXY, latency tiers, fingerprint defence, and detection traps.
Engineering teams keep granting agents production database writes
AI agent vulnerabilities are systems engineering failures, not security failures. The fix is architectural containment, not better prompts or guardrails.