Search Results: LLMSecurity

New research reveals how Large Language Models can be manipulated to bias scientific peer reviews through hidden prompts embedded in PDFs. In a countermove, editors can use similar techniques to detect AI-generated reviews, transforming a security flaw into a safeguard for academic integrity.

Cisco researchers uncovered widespread security lapses in large language model deployments, identifying over 1,100 publicly accessible Ollama servers vulnerable to unauthorized access and prompt injection. The study leverages Shodan scanning to reveal how default configurations enable risks like model theft and resource hijacking, demanding urgent industry-wide security reforms.

Researchers have uncovered a novel attack vector where malicious prompts are hidden within seemingly benign images, only to be revealed and executed when AI systems downscale the images for processing. This technique exploits fundamental image resampling algorithms, allowing attackers to manipulate platforms like Google Gemini and Vertex AI into performing unauthorized actions, such as exfiltrating sensitive data. The discovery underscores a critical and evolving threat to the security of multimodal AI systems increasingly integrated into enterprise workflows.

Researchers unveil TrojanStego, a novel attack where compromised language models secretly embed sensitive data into seemingly normal outputs using linguistic steganography. Fine-tuned models achieved 97% data leakage accuracy while maintaining output coherence and evading detection, exposing critical vulnerabilities in enterprise LLM deployments.

Trail of Bits has launched the beta of mcp-context-protector, a security wrapper designed to combat line jumping attacks like prompt injection in LLM apps using the Model Context Protocol. By proxying tool calls and implementing trust-on-first-use pinning, guardrail scanning, and ANSI sanitization, it fortifies defenses where malicious servers exploit the model's context window. This tool offers universal compatibility without requiring app modifications, addressing a glaring vulnerability in the rapidly evolving AI ecosystem.