Security Research
Our autonomous hunting framework has uncovered critical vulnerabilities.
HashPrompt Injection
CVE-2025-64496 • CVSS 9.8
A novel attack vector exploiting URL fragments to inject malicious prompts into AI-powered browsers.
Context Window Overflow
Memory exhaustion attack via crafted context payloads causing denial of service in LLM inference engines.
Tool Call Injection
Unauthorized function execution through malicious tool call formatting in agent frameworks.
Model Path Traversal
Arbitrary file read via manipulated model loading paths in ML serving infrastructure.
Embedding Injection
Vector database poisoning through crafted embeddings enabling RAG manipulation attacks.
API Key Disclosure
Sensitive credential exposure through verbose error messages in production deployments.
Immersive World
LLM jailbreak technique using immersive storytelling contexts.
LAMEHUG Analysis
First known LLM-powered malware with links to APT28.
Context Exploit
AI agent manipulation through context window poisoning.