Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development

Microsoft has unveiled two new open-source tools called RAMPART and Clarity to assist developers in better testing the security of artificial intelligence AI agents. RAMPART, short for Risk Assessment and Measurement Platform for Agentic Red Teaming, functions as a Pytest-native safety and securi...

Transient Turn Injection: Exposing Stateless Multi-Turn Vulnerabilities in Large Language Models

Large language models LLMs are increasingly integrated into sensitive workflows, raising the stakes for adversarial robustness and safety. This paper introduces Transient Turn InjectionTTI, a new multi-turn attack technique that systematically exploits stateless moderation by distributing...

AI is Everywhere, But CISOs are Still Securing It with Yesterday's Skills and Tools, Study Finds

A majority of security leaders are struggling to defend AI systems with tools and skills that are not fit for the challenge, according to the AI and Adversarial Testing Benchmark Report 2026 from Pentera. The report, based on a survey of 300 US CISOs and senior security leaders, examines how...

Adversarial Limits of Quantum Certification: When Eve Defeats Detection

Security of quantum key distribution QKD relies on certifying that observed correlations arise from genuine quantum entanglement rather than eavesdropper manipulation. Theoretical security proofs assume idealized conditions, practical certification must contend with adaptive adversaries who...

Data Poisoning Vulnerabilities across Healthcare AI Architectures: A Security Threat Analysis

Healthcare AI systems face major vulnerabilities to data poisoning that current defenses and regulations cannot adequately address. We analyzed eight attack scenarios in four categories: architectural attacks on convolutional neural networks, large language models, and reinforcement learning...

VWAttacker: a Systematic Security Testing Framework for Voice over WiFi User Equipments

We present VWAttacker, the first systematic testing framework for analyzing the security of Voice over WiFi VoWiFi User Equipment UE implementations. VWAttacker includes a complete VoWiFi network testbed that communicates with Commercial-Off-The-Shelf COTS UEs based on a simple interface to test...

Pushing the Limits of Safety: a Technical Report on the ATLAS Challenge 2025

Multimodal Large Language Models MLLMs have enabled transformative advancements across diverse applications but remain susceptible to safety threats, especially jailbreak attacks that induce harmful outputs. To systematically evaluate and improve their safety, we organized the Adversarial Testing...

Offensive Security for AI Systems: Concepts, Practices, and Applications

As artificial intelligence AI systems become increasingly adopted across sectors, the need for robust, proactive security strategies is paramount. Traditional defensive measures often fall short against the unique and evolving threats facing AI-driven technologies, making offensive security an...

OET: Optimization-Based Prompt Injection Evaluation Toolkit

Large Language Models LLMs have demonstrated remarkable capabilities in natural language understanding and generation, enabling their widespread adoption across various domains. However, their susceptibility to prompt injection attacks poses significant security risks, as adversarial inputs can...