Topics

Google says it caught attackers using an LLM to find a zero-day, peer-reviewed research shows reasoning models can autonomously jailbreak other models, and a look back at the month's AI-infrastructure CVEs. Verify all specifics against primary sources.

A self-propagating npm/PyPI worm sweeps up AI SDKs including Mistral AI and Guardrails AI, two critical RCE classes in the vLLM inference server, and the U.S. CAISI signs frontier-model pre-deployment testing agreements. Verify all specifics against primary sources.

A critical pre-auth SQL injection in LiteLLM lands in CISA's KEV catalog, the EU reaches a provisional deal to delay and reshape the AI Act, and Microsoft details how prompt injection becomes RCE in agent frameworks. Verify all specifics against primary sources.

Analysis and commentary: training-data poisoning as a durable class, ATLAS as a finding taxonomy, red-teaming through the data channel, and the EU AI Act's staged timeline. Verify all specifics against primary sources.

Analysis and commentary: RAG retrieval as an injection channel, insecure output handling as the under-built control, the OWASP LLM Top 10 as an application checklist, and excessive agency in agent designs. Verify all specifics against primary sources.

Analysis and commentary: the NIST AI RMF and its Generative AI Profile as a control map, the model/data supply-chain compromise class, why model extraction is a real business risk, and a defender's reading of safetensors. Verify all specifics against primary sources.

OWASP published the LLM Top 10 in 2023 and updated it in 2025. The list is useful but requires interpretation. Here's which items are operationally relevant vs. theoretically important, and what to prioritize.

The five most consequential AI security developments of 2025: the shift from theoretical to operational attacks, the supply chain compromise wave, regulatory enforcement reaching AI, and what actually improved.

A practitioner's guide to building and consuming a reliable AI security news weekly digest — covering threat categories, authoritative sources, and the signal worth your attention each week.

AI Sec Digest is a daily, primary-source-only digest of AI security news — breach disclosures, exploited CVEs, and regulatory action, with the hype filtered out.