AISecHub
2,448 subscribers
Subscriber growth: 24 hours: no data; 7 days: +13; 30 days: +150
Subscribers attracted

June '26: +40 (in 3 channels)
May '26: +163 (in 4 channels)
April '26: +100 (in 2 channels)
March '26: +192 (in 3 channels)
February '26: +239 (in 5 channels)
January '26: +394 (in 4 channels)
December '25: +204 (in 4 channels)
November '25: +140 (in 4 channels)
October '25: +167 (in 3 channels)
September '25: +270 (in 1 channel)
August '25: +95 (in 1 channel)
July '25: +93 (in 2 channels)
June '25: +68 (in 1 channel)
May '25: +375 (in 3 channels)
April '25: +43 (in 2 channels)
March '25: +735 (in 1 channel)
Date | Subscriber growth | Mentions | Channels
12 June | +1 | |
11 June | +1 | |
10 June | +7 | |
09 June | +4 | |
08 June | +4 | |
07 June | +1 | |
06 June | 0 | |
05 June | +2 | |
04 June | +5 | |
03 June | +6 | |
02 June | +4 | |
01 June | +5 | |
Channel posts
1. CVE-2026-48039: Meta Ads MCP — Unauthenticated HTTP Tool Execution Leaks Operator Meta Access Token. The advisory describes an MCP server where unauthenticated HTTP requests can trigger tool execution and expose the operator’s Meta access token, indicating a missing authn/authz boundary between remote callers and privileged MCP actions. #MCP #AgentSecurity #AISecurity #Advisory https://github.com/advisories/GHSA-9gw6-46qc-99vr (2 views)

2. npm Supply Chain Under Siege: TeamPCP, Miasma, and npm v12. The npm package registry serves as foundational infrastructure for modern software development. #AgentSecurity #LLMSecurity #AISecurity #Report https://labs.cloudsecurityalliance.org/research/csa-whitepaper-npm-ai-toolchain-supply-chain-security-v1-0-c (52 views)

3. OCELOT: Inference-Leakage Budgets for Privacy-Preserving LLM Agents. OCELOT treats agent privacy as trajectory-level posterior-risk control: each outbound “release” is audited and charged against a leakage budget based on how much it can improve an attacker’s belief about a secret, not just whether the text matches a filter. #AgentSecurity #LLMSecurity #AISecurity #Research https://arxiv.org/abs/2606.12341 (36 views)

4. PI-Hunter: Automated Red Teaming to Expose and Localize Prompt Injections. PI-Hunter frames indirect prompt injection as an auditing problem: generate source-aware environments, then use feedback-driven test evolution to make an agent retrieve and surface latent malicious instructions, helping localize where untrusted content propagates through the agent/tool workflow. #PromptInjection #LLMSecurity #AISecurity #Research https://arxiv.org/abs/2606.12737 (34 views)

5. Stakeholder-Centric Prompt Injection Benchmarking for Real-World Web Agents. This paper reframes web-agent prompt-injection evaluation around “who gets harmed,” splitting attacks by stakeholder (user/seller/platform), objective, and both outcome- and process-level metrics to surface failure modes that attack-centric benchmarks can miss. #PromptInjection #LLMSecurity #AISecurity #Research https://arxiv.org/abs/2606.13385 (30 views)

6. CVE-2026-48039: Meta Ads MCP — Unauthenticated HTTP Tool Execution Leaks Operator Meta Access Token. The advisory describes an MCP server where unauthenticated HTTP requests can trigger tool execution in a way that exposes the operator’s Meta access token, indicating a missing auth boundary between the network listener and token-bearing tool calls. #MCP #AgentSecurity #AISecurity #Advisory https://github.com/advisories/GHSA-9gw6-46qc-99vr (28 views)

7. npm Supply Chain Under Siege: TeamPCP, Miasma, and npm v12. The npm package registry serves as foundational infrastructure for modern software development. #AgentSecurity #LLMSecurity #AISecurity #Report https://labs.cloudsecurityalliance.org/research/csa-whitepaper-npm-ai-toolchain-supply-chain-security-v1-0-c (28 views)

8. SMSR: Certified Defense Against Runtime Memory Poisoning in Persistent LLM Agent Systems. Persistent agent memory creates a multi-session poisoning path where attacker-written “memories” are later retrieved and treated as guidance. This paper’s SMSR combines HMAC-signed memory writes with randomized retrieval-time ablation and majority voting to bound (and certify) the effect of injected content. #AgentSecurity #LLMSecurity #AISecurity #Research https://arxiv.org/abs/2606.12703 (30 views)

9. PI-Hunter: Automated Red-Teaming to Expose and Localize Prompt Injections. PI-Hunter targets indirect prompt injection in tool-using agents by generating source-aware test cases and iteratively mutating them via feedback to make agents retrieve and surface latent malicious instructions from untrusted environments, aiming to improve vulnerability exposure and attack-surface coverage beyond success-only red-teaming. #PromptInjection #LLMSecurity #AISecurity #Research https://arxiv.org/abs/2606.12737 (35 views)

10. Stakeholder-Centric Prompt-Injection Benchmarking for Real-World Web Agents. This benchmark reframes web-agent prompt injection evaluation around who is harmed, mapping attacks to stakeholder-specific objectives and measuring both outcome and process failures (e.g., stealthy task-preserving manipulation vs task disruption). It reports that current agents do not reliably resist any tested attack objective across these modes. #PromptInjection #LLMSecurity #AISecurity #Research https://arxiv.org/abs/2606.13385 (41 views)

11. Most Viewed Videos in May 2026 https://awesomecybersecurityconferences.com/videos/most-viewed (133 views)

12. https://askar.so/blogs/watch-your-ai-using-replit-ai-to-mask-your-c2-traffic/ (123 views)

13. Lovable 😜 says it’ll fix security issues for free, then asks you to pay. (196 views)

14. 300 followers :) https://github.com/TalEliyahu (209 views)
15. No text... (220 views)
16. https://github.com/visa/visa-vulnerability-agentic-harness (213 views)

17. Top 20 Cybersecurity Talks — May 2026 https://medium.com/@taleliyahu/top-20-cybersecurity-talks-may-2026-e67929243e6f (406 views)
18. No text... (208 views)
19. CISA Makes Risk-Based Vulnerability Management Real https://cyber-biz.com/blog/cisa-risk-based-vulnerability-management (201 views)

20. https://socket.dev/blog/mini-shai-hulud-miasma-and-hades-worms-target-bioinformatics-and-mcp-developers-via-malicious (203 views)