# vulnerability
11 articles tagged with “vulnerability”
Case Study: GitHub Copilot Generating Vulnerable Code
Analysis of research findings demonstrating that GitHub Copilot and similar AI code assistants systematically generate code containing security vulnerabilities, and the implications for software supply chain security.
Case Study: MCP Security Vulnerability Disclosure
Analysis of early MCP security vulnerability discoveries including tool poisoning and transport security issues.
AI Bug Bounty Programs
Comprehensive guide to active AI bug bounty programs from OpenAI, Anthropic, Google, and platform providers. Scope definitions, reward ranges, submission best practices, and AI-specific vulnerability categories.
Automated Vulnerability Discovery
Building automated tools for discovering novel vulnerabilities in LLM applications.
Garak: LLM Vulnerability Scanner
Deep dive into NVIDIA's Garak LLM vulnerability scanner: architecture, probes, generators, evaluators, custom probe development, and CI/CD integration for automated security scanning.
PEFT Vulnerability Analysis
Security analysis of Parameter-Efficient Fine-Tuning methods beyond LoRA.
Ethics & Responsible Disclosure
Ethical frameworks for AI red teaming, responsible disclosure processes for AI vulnerabilities, when and how to report findings, and navigating bug bounty programs.
CTF: Code Gen Exploit
Manipulate AI code generation to produce vulnerable, backdoored, or malicious code. Explore how prompt manipulation influences code security, from subtle vulnerability injection to full backdoor insertion.
Technical Findings Documentation
How to document AI-specific vulnerabilities: reproduction steps, severity assessment with AI-adapted frameworks, remediation recommendations, and finding templates.
AI Vulnerability Classification System
Structured system for classifying AI-specific vulnerabilities by type, impact, and exploitability.
Classifying AI Vulnerability Severity
Framework for consistently classifying the severity of AI and LLM vulnerabilities, with scoring criteria, impact assessment, and examples across common finding categories.