Security Blog

Deep dives into agentic security, MCP exploits, and prompt injection attacks.

LatestResearch

98% Accurate and Still Broken

We built a 98% accurate classifier. Here's why that number doesn't mean what you think it means.

SJSteven·Jan 3, 2026

Newsletter

Stay in the loop

Get our latest agentic security research delivered straight to your inbox.

No spam. Unsubscribe anytime.

The Hidden Risk in Notion 3.0 AI Agents: Web Search Tool Abuse for Data Exfiltration

A critical security vulnerability in Notion 3.0's AI Agents demonstrates how the combination of LLM agents, tool access, and long-term memory creates exploitable attack vectors for data exfiltration.

ARAbi·Sep 19, 2025

Taint Analysis for Agent Tool Calls

Applying classic taint analysis to AI agents: tracing how private or untrusted data flows through tool calls to identify data leaks and tampering risks.

SJSteven·Sep 1, 2025

Heroku Exploit: App Ownership Takeover

A critical vulnerability allows attackers to transfer ownership of a Heroku app by injecting a malicious prompt into its logs.

ARAbi·Jun 15, 2025

More Research

Shopify Exploit: Manipulating Shoppers

A critical vulnerability in Shopify's MCP allows attackers to manipulate consumer purchasing decisions using malicious prompts in product descriptions.

ARAbi·Jul 14, 2025

Neon Exploit: Malicious SQL Injection

Attackers can exploit the Neon MCP server to execute malicious SQL operations. Learn how to protect your database from these threats.

ARAbi·Jul 4, 2025

Azure Exploit: Leaking KeyVault Secrets

A critical vulnerability in Azure's MCP allows attackers to leak KeyVault secrets using malicious prompts.

ARAbi·Jun 27, 2025

Linear Exploit: Bypassing Team ACLs

A critical vulnerability in Linear's MCP allows attackers to bypass team access controls and exfiltrate confidential data using malicious prompts.

ARAbi·Jun 14, 2025

Interested in Partnering?

Looking to collaborate on AI security research, academic projects, or enterprise integrations?