This website uses cookies
Read our Privacy policy and Terms of use for more information.
Secure Prompt
The authoritative newsletter on AI security, threats, and defense frameworks.
I consent to receive newsletters via email. Terms of use and Privacy policy.
Written by
Jul 1, 2026
•
8 min read
For three weeks the consumer-compromise surface was the most reliable pattern in our graph. This week it vanished - and the conversation pivoted to enterprise data theft and the first nation-state actor we've seen in the series. Plus: a two-part prediction that split down the middle.
Jun 24, 2026
7 min read
This week the AI-security discourse reorganized around governance and policy - while the actual exploitable risk kept climbing in silence. Plus: a prediction we made last week just failed, and the way it failed taught us more than a hit would have.
Jun 22, 2026
5 min read
One click in Copilot exfiltrates your inbox. A poisoned web page makes an AI agent run code on its own host. A hijacked npm org backdoors AI-framework packages. The week the agent layer became the attack surface.
Jun 17, 2026
6 min read
This week every structural blind spot in AI security shared one disconnected endpoint: the global stakes. The discourse won't connect macro AI risk to concrete failure - so the government did it by force. Plus: a prediction we called five weeks ago just landed.
Jun 15, 2026
4 min read
The Miasma/Hades worm hijacks four AI coding tools with one commit - no install required. LiteLLM hits CISA's KEV under active ransomware attack. And a NIST proof says no guardrail set can ever block every jailbreak.
Jun 10, 2026
Last week's structural blind spot didn't close. It jumped platforms - Apple to Meta - in seven days. Plus: we score our first prediction, and we got it wrong.
Jun 8, 2026
A HuggingFace RCE that defeats trust_remote_code. Google's MCP connector hijacked via CORS. 770+ exploitable flaws across 19,000 MCP servers. The protocol everyone rushed to adopt is the soft underbelly.
Jun 3, 2026
9 clusters, one orphan - the surface users actually touch is walled off from everything securing it, and a KEV-listed gateway bug proves the point.
Jun 1, 2026
3 min read
Starlette auth bypass hits vLLM, LiteLLM, and MCP gateways. SymJack lands six AI coding agents. First LLM-agent-driven intrusion captured in production.
May 27, 2026
Network analysis of this week's AI security discourse reveals a structural blind spot - and the EPSS top-50 confirms it.
May 25, 2026
TeamPCP. OpenAI. TrustFall. ChromaDB. Five critical AI security stories in one week.
Jan 30, 2026
13 min read
I Built My Own AI Agent This Week. Here's What I Learned (The Hard Way).
Jan 9, 2026
2 min read
The AI security incidents, vulnerabilities, research, and regulations that defined 2025 - curated in one place.
Dec 24, 2025
A year-defining week for AI security, a thank-you to our first subscribers, and a short holiday pause before we return in January.
Nov 19, 2025
This week’s Secure Prompt: AI-Orchestrated Cyber Espionage: Inside GTG-1002.
Sep 16, 2025
10 min read
AI Security Shakeups: M&A moves, active threats, and a critical LLM vulnerability.
Jul 13, 2026
A symlink trick turns six AI coding assistants into SSH-key writers. China tells developers to uninstall Claude Code. A GitHub agent leaks private repos to a public issue. And the agent's own security review runs the attacker's code. The week the AI dev toolchain became the attack surface.
Jul 8, 2026
The jailbreak talk and the prompt-injection malware now live in the same graph - and never touch. Plus: 2 open predictions resolved - 1 clean hit, 1 disclosed judgment call.
Jul 6, 2026
Malware that gaslights the AI analyzing it. Six agentic browsers brainwashed out of their guardrails. A CVSS 9.8 prompt-injection escape in Cursor. And the largest alleged model-distillation campaign yet. The weeks the AI became the target.