Auditing the Ask Astro LLM Q&A app

Today, we present the second of our open-source AI security audits: a look at security issues we found in an open-source retrieval augmented generation (RAG) application that could lead to chatbot output ...
Okta Breach Analysis | RevealSecurity

Why SaaS Identity Abuse is This Year’s Ransomware

Let’s explore some of the details behind this escalating threat to SaaS applications, what may be driving it, and what you can do to better protect your SaaS footprint from these types ...
The Impending Identity Crisis Of Machines: Why We Need To Secure All Non-Human Identities, From Genai To Microservices And IOT

The digital landscape is no longer solely populated by human actors. Lurking beneath the surface is a silent legion – non-human or machine identities. These non-human identities encompass computers, mobile devices, ...
Understanding Apple’s On-Device and Server Foundation Models release

machine learning
By Artem Dinaburg Earlier this week, at Apple’s WWDC, we finally witnessed Apple’s AI strategy. The videos and live demos were accompanied by two long-form releases: Apple’s Private Cloud Compute and Apple’s ...
PCC: Bold step forward, not without flaws

machine learning
By Adelin Travers Earlier this week, Apple announced Private Cloud Compute (or PCC for short). Without deep context on the state of the art of Artificial Intelligence (AI) and Machine Learning (ML) ...
Snowflake and the Continuing Identity Threat Detection Gap Across SaaS and Cloud

By Adam Koblentz In recent weeks, a new wide-scale identity security incident has been unfolding that is refocusing the spotlight on important questions such as: Why are account takeover, credential misuse, and ...
Exploiting ML models with pickle file attacks: Part 2

machine learning
By Boyan Milanov In part 1, we introduced Sleepy Pickle, an attack that uses malicious pickle files to stealthily compromise ML models and carry out sophisticated attacks against end users. Here we ...
Exploiting ML models with pickle file attacks: Part 1

machine learning
By Boyan Milanov We’ve developed a new hybrid machine learning (ML) model exploitation technique called Sleepy Pickle that takes advantage of the pervasive and notoriously insecure Pickle file format used to package ...

Announcing AI/ML safety and security trainings

By Michael D. Brown We are offering AI/ML safety and security training in summer and fall of this year! Recent advances in AI/ML technologies opened up a new world of possibilities for ...