llm security
30 articles about llm security in AI news
Research Paper Proposes Security Framework for Autonomous AI Agents in Commerce
A Systematization of Knowledge (SoK) paper analyzes the emerging threat landscape for autonomous LLM agents conducting commerce. It identifies 12 attack vectors across five dimensions and proposes a layered defense architecture. This is a foundational security analysis for a nascent but high-stakes technology.
Claude Security Public Beta Launches in Claude Code on Web
Anthropic launched Claude Security in public beta for Claude Code on web, letting developers validate and fix vulnerabilities without leaving the editor.
VoteGCL: A Novel LLM-Augmented Framework to Combat Data Sparsity in
A new paper introduces VoteGCL, a framework that uses few-shot LLM prompting and majority voting to create high-confidence synthetic data for graph-based recommendation systems. It integrates this data via graph contrastive learning to improve accuracy and mitigate bias, outperforming existing baselines.
AI Agent Security Startup Emerges Amid Enterprise Rush, Per VC Tweet
A VC's tweet highlights a critical gap in enterprise AI agent adoption: security. This signals a market opportunity, with a new startup reportedly emerging to address it.
LLMs Can De-Anonymize Users from Public Data, Study Warns
Large Language Models can now piece together a person's identity from their public online trail, rendering pseudonyms ineffective. This raises significant privacy and security concerns for internet users.
Akshay Pachaar Inverts LLM Agent Architecture with 'Harness' Design
AI engineer Akshay Pachaar outlined a novel 'harness' architecture for LLM agents that externalizes intelligence into memory, skills, and protocols. He is building a minimal, didactic open-source implementation of this design.
HUOZIIME: A Research Framework for On-Device LLM-Powered Input Methods
A new research paper introduces HUOZIIME, a personalized on-device input method powered by a lightweight LLM. It uses a hierarchical memory mechanism to capture user-specific input history, enabling privacy-preserving, real-time text generation tailored to individual writing styles.
llm-anthropic 0.25 Adds Opus 4.7 with xhigh Thinking Effort — Here's How
Update to llm-anthropic 0.25 to access Claude Opus 4.7 with xhigh thinking_effort for tackling your most challenging code problems.
Multi-User LLM Agents Struggle: Gemini 3 Pro Scores 85.6% on Muses-Bench
A new benchmark reveals LLMs struggle with multi-user scenarios where agents face conflicting instructions. Gemini 3 Pro leads but only achieves 85.6% average, with privacy-utility tradeoffs proving particularly difficult.
Karpathy's LLM Wiki Hits 5k Stars, Gains Memory Lifecycle Extension
Andrej Karpathy's LLM Wiki repository gained 5,000 GitHub stars in two days. A developer has now extended it with memory lifecycle features, addressing a noted gap.
MCP Security Crisis: 43% of Servers Vulnerable, 341 Malicious Skills Found
Security audits of the Model Context Protocol (MCP) ecosystem reveal 43% of servers are vulnerable to command execution, while 341 malicious skills were found on marketplaces, exposing systemic security flaws in agentic AI. The findings highlight a growing attack surface as AI agents become more autonomous.
Keygraph Launches Shannon AI to Automate Web App Security Testing
Keygraph has launched 'Shannon,' an AI agent that autonomously hacks web applications to find security flaws. This positions AI as an offensive security tool for proactive defense.
A Practical Guide to Fine-Tuning Open-Source LLMs for AI Agents
This Portuguese-language Medium article is Part 2 of a series on LLM engineering for AI agents. It provides a hands-on guide to fine-tuning an open-source model, building on a foundation of clean data and established baselines from Part 1.
Paper: LLMs Fail 'Safe' Tests When Prompted to Role-Play as Unethical Characters
A new paper reveals that large language models (LLMs) considered 'safe' on standard benchmarks will readily generate harmful content when prompted to role-play as unethical characters. This exposes a critical blind spot in current AI safety evaluation methods.
GameMatch AI Proposes LLM-Powered Identity Layer for Semantic Search in Recommendations
A new Medium article introduces GameMatch AI, a system that uses an LLM to create a user identity layer from descriptive paragraphs, aiming to move beyond click-based recommendations. The concept suggests a shift towards understanding user intent and identity for more personalized discovery.
Audit Your MCP Servers in 10 Seconds with This Free Security Score API
A new free API gives Claude Code users a Lighthouse-style security score for any MCP server, revealing that 60% of scanned packages have vulnerabilities.
MemoryCD: New Benchmark Tests LLM Agents on Real-World, Lifelong User Memory for Personalization
Researchers introduce MemoryCD, the first large-scale benchmark for evaluating LLM agents' long-context memory using real Amazon user data across 12 domains. It reveals current methods are far from satisfactory for lifelong personalization.
Open-Source Multi-Agent LLM System for Complex Software Engineering Tasks Released by Academic Consortium
A consortium of researchers from Stony Brook, CMU, Yale, UBC, and Fudan University has open-sourced a multi-agent LLM system specifically architected for complex software engineering. The release aims to provide a collaborative, modular framework for tackling tasks beyond single-agent capabilities.
Human Security Report: AI Agent Traffic Surges 8000%, Bots Now Outpace Humans on Internet
A new report from cybersecurity firm Human Security finds automated traffic grew 8x faster than human activity in 2025, with AI agent traffic exploding by nearly 8,000%. This marks a tipping point where bots now dominate internet traffic.
A Technical Guide to Prompt and Context Engineering for LLM Applications
A Korean-language Medium article explores the fundamentals of prompt engineering and context engineering, positioning them as critical for defining an LLM's role and output. It serves as a foundational primer for practitioners building reliable AI applications.
Tessera Launches Open-Source Framework for 32 OWASP AI Security Tests, Benchmarks GPT-4o, Claude, Gemini, Llama 3
Tessera introduces the first open-source framework to run all 32 OWASP AI security tests against any model with one CLI command. It provides benchmark results for GPT-4o, Claude, Gemini, Llama 3, and Mistral across 21 model-specific security tests.
PyPI Quarantines LiteLLM Package After Supply Chain Attack Compromises AI Integration Tool
The Python Package Index (PyPI) has quarantined the LiteLLM package after a supply chain attack distributed a malicious update. The action prevents automatic installation of the compromised version via pip.
DEAF Benchmark Reveals Audio MLLMs Rely on Text, Not Sound, Scoring Below 50% on Acoustic Faithfulness
Researchers introduce DEAF, a 2,700-stimulus benchmark testing Audio MLLMs' acoustic processing. Evaluation of seven models shows a consistent pattern of text dominance, with models scoring below 50% on acoustic faithfulness metrics.
Zalando to Deploy Up to 50 AI-Powered Nomagic Robots in European Fulfillment Centers
Zalando is scaling its warehouse automation by installing up to 50 AI-powered Nomagic picking robots across European fulfillment centers. This move aims to enhance efficiency and handle complex items, reflecting a major investment in robotic fulfillment for fashion e-commerce.
Building a Store Performance Monitoring Agent: LLMs, Maps, and Actionable Retail Insights
A technical walkthrough demonstrates how to build an AI agent that analyzes store performance data, uses an LLM to generate explanations for underperformance, and visualizes results on a map. This agentic pattern moves beyond dashboards to actively identify and diagnose location-specific issues.
Agno v2: An Open-Source Framework for Intelligent Multi-LLM Routing
Agno v2 is an open-source framework that enables developers to build a production-ready chat application with intelligent routing. It automatically selects the cheapest LLM capable of handling each user query, optimizing cost and performance.
Security Researcher Exposes 40,000+ OpenClaw Servers, 12,000 Vulnerable to API Key Theft
A security scan reveals over 40,000 OpenClaw servers are exposed online, with 12,000+ vulnerable to API key and data theft. The researcher published a comparative security analysis of hosted AI providers.
Fractal Analytics Launches LLM Studio for Enterprise Domain-Specific AI
Fractal Analytics has launched LLM Studio, an enterprise platform built on NVIDIA infrastructure to help organizations build, deploy, and manage custom, domain-specific language models. It emphasizes governance, control, and moving beyond generic AI APIs.
FGTR: A New LLM Method for Fine-Grained Multi-Table Retrieval
Researchers propose FGTR, a hierarchical LLM reasoning method for retrieving precise data from multiple, large tables. It outperforms prior methods by 18-21% on standard benchmarks, moving beyond simple similarity search to a more analytical approach.
Open-Source LLM Course Revolutionizes AI Education: Free GitHub Repository Challenges Paid Alternatives
A comprehensive GitHub repository called 'LLM Course' by Maxime Labonne provides complete, free training on large language models—from fundamentals to deployment—threatening the market for paid AI courses with its organized structure and practical notebooks.