Agentic AI As a Cybersecurity Attack Surface: Threats, Exploits, and Defenses in Runtime Supply Chains

Agentic systems built on large language models LLMs extend beyond text generation to autonomously retrieve information and invoke tools. This runtime execution model shifts the attack surface from build-time artifacts to inference-time dependencies, exposing agents to manipulation through untrust...

When GPT Spills the Tea: Comprehensive Assessment of Knowledge File Leakage in GPTs

Knowledge files have been widely used in large language model LLM agents, such as GPTs, to improve response quality. However, concerns about the potential leakage of knowledge files have grown significantly. Existing studies demonstrate that adversarial prompts can induce GPTs to leak knowledge...

Invoice System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)

Exploit Title: Invoice System 1.0 - 'Multiple' Stored Cross-Site Scripting XSS Date: 12 July 2021 Exploit Author: Subhadip Nag mrl0s3r Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14858/invoice-system-using-phpoop-free-source-code.html Tested...

XBlast 2.6.1 HOME Environment Variable Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8296/info XBlast is contains a locally exploitable buffer overflow vulnerability due to insufficient bounds checking of data supplied via the HOME environment variable. Successful exploitation would allow a local user to...