Applied GAI in Security

Sign in Subscribe

Brandon Dixon

Brandon Dixon

Brandon is a cybersecurity expert currently leading Security Copilot at Microsoft. He is known for creating PassiveTotal, Blockade.io, NinjaJobs, PDF X-Ray, and other opensource tools

Last Week in GAI Security Research - 03/31/25

Last Week in GAI Security Research - 03/31/25

Highlights from Last Week * 🚒 Smoke and Mirrors: Jailbreaking LLM-based Code Generation via Implicit Malicious Prompts * 📶 Large Language Models powered Network Attack Detection: Architecture, Opportunities and Case Study * 🎭 Inducing Personality in LLM-Based Honeypot Agents: Measuring the Effect on Human-Like Agenda Generation * 🐠 EXPLICATE: Enhancing Phishing Detection through Explainable AI and LLM-Powered Interpretability

Last Week in GAI Security Research - 03/24/25

Last Week in GAI Security Research - 03/24/25

Highlights from Last Week * 💻 Multi-Agent Systems Execute Arbitrary Malicious Code * 😘 XOXO: Stealthy Cross-Origin Context Poisoning Attacks against AI Coding Assistants * 🗺 Mapping the Trust Terrain: LLMs in Software Engineering – Insights and Perspectives * 🧶 ELTEX: A Framework for Domain-Driven Synthetic Data Generation * 🦮 Privacy-Aware RAG: Secure and Isolated Knowledge Retrieval Partner Content Pillar Security

Last Week in GAI Security Research - 03/17/25

Last Week in GAI Security Research - 03/17/25

Highlights from Last Week * 📜 A Survey on Trustworthy LLM Agents: Threats and Countermeasures * 🗡️ KNighter: Transforming Static Analysis with LLM-Synthesized Checkers * 🎛 Control Flow-Augmented Decompiler based on Large Language Model * 🐡 Large Language Models-Aided Program Debloating * 🚂 MAD-MAX: Modular And Diverse Malicious Attack MiXtures for Automated LLM Red Teaming * 🔐 Privacy Auditing of Large Language

Last Week in GAI Security Research - 03/03/25

Last Week in GAI Security Research - 03/03/25

Highlights from Last Week * 🖊 RapidPen: Fully Automated IP-to-Shell Penetration Testing with LLM-based Agents * ⭕ Worse than Zero-shot? A Fact-Checking Dataset for Evaluating the Robustness of RAG Against Misleading Retrievals * 🛡 Protecting Users From Themselves: Safeguarding Contextual Privacy in Interactions with Conversational Agents * 🚧 LongSafety: Evaluating Long-Context Safety of Large Language Models * 🕸 Why Are

Last Week in GAI Security Research - 02/24/25

Last Week in GAI Security Research - 02/24/25

Highlights from Last Week * 🤔 What are Models Thinking about? Understanding Large Language Model Hallucinations "Psychology" through Model Inner State Analysis * 🤖 Towards Robust and Secure Embodied AI: A Survey on Vulnerabilities and Attacks * 🔐 Do LLMs Consider Security? An Empirical Study on Responses to Programming Questions * 🤑 Fraud-R1 : A Multi-Round Benchmark

Last Week in GAI Security Research - 02/17/25

Last Week in GAI Security Research - 02/17/25

Highlights from Last Week * 💦 RTBAS: Defending LLM Agents Against Prompt Injection and Privacy Leakage * 💰 Auditing Prompt Caching in Language Model APIs * 🤖 Commercial LLM Agents Are Already Vulnerable to Simple Yet Dangerous Attacks * 🔊 Improving Acoustic Side-Channel Attacks on Keyboards Using Transformers and Large Language Models * 🧠 On the Emergence of Thinking in

Last Week in GAI Security Research - 02/10/25

Last Week in GAI Security Research - 02/10/25

Highlights from Last Week * ☣️ Exploring the Security Threats of Knowledge Base Poisoning in Retrieval-Augmented Code Generation * 🥡 LLMSecConfig: An LLM-Based Approach for Fixing Software Container Misconfigurations * 🤓 Can LLMs Hack Enterprise Networks? Autonomous Assumed Breach Penetration-Testing Active Directory Networks * 📐 Rule-ATT&CK Mapper (RAM): Mapping SIEM Rules to TTPs Using LLMs * 🦥 OverThink: