Threat Intelligence

What we're learning from inside production AI systems.

Briefings, dashboards, and sanitized engagement notes.

Mar 2026 · 12 min

Indirect Prompt Injection: The 2026 Attack Surface

Chained injection attacks against multi-agent systems have increased 312% in 12 months. Here's what changed and why standard guardrails fail.

IPI · Critical
Feb 2026 · 9 min

When Your RAG Doesn't Respect ACLs

67% of audited RAG systems return at least one document the requester shouldn't see. The root cause is almost never what you think.

RAG · Permissions
Feb 2026 · 8 min

Denial-of-Wallet: The Economics of LLM Abuse

A single recursive loop can drain a $50K monthly LLM budget in under 9 hours. Most systems have no circuit breaker.

DoW · Cost
Jan 2026 · 11 min

Tool-Call Hijacking in Customer Support Agents

When an agent has tool access, injection attacks don't stop at text. We document three production compromises involving real tool execution.

Tool Hijack · Agent
Jan 2026 · 7 min

Embedding Inversion Attacks on Production Vector DBs

Proprietary training data can be partially reconstructed from embedding endpoints. Here's the attack surface and what to close.

Model Theft · Embeddings
Dec 2025 · 10 min

The Semantic Cache Poisoning Playbook

Semantic caches built for performance are trivially exploitable for injection persistence. One poisoned cache entry can affect thousands of users.

IPI · Cache