6 min read
Research A Wake Forest University empirical study found 282 of 444 iOS AI apps expose exploitable LLM credentials through network traffic. Three months after responsible disclosure, 72% remained vulnerable.
A Wake Forest University empirical study found 282 of 444 iOS AI apps expose exploitable LLM credentials through network traffic. Three months after responsible disclosure, 72% remained vulnerable.
A new critical authentication bypass in LiteLLM lets attackers manipulate the HTTP Host header to access protected management endpoints without credentials. Fixed in version 1.84.0, disclosed June 17.
A practical framework for implementing prompt injection detection at the API gateway layer: input sanitisation, context isolation, output filtering, and anomaly detection.
Query-efficient model extraction attacks against commercial LLM APIs: how adversaries reconstruct a functional shadow model using only input-output pairs, and how to defend.