AI security research, adversarial AI, LLM jailbreaking, prompt injection, CVE disclosures, and offensive security by Kai Aizen.https://snailsploit.com/en-ushttps://snailsploit.com/security-research/cves/cve-2026-33693/https://snailsploit.com/security-research/cves/cve-2026-33693/SSRF bypass via 0.0.0.0 in ActivityPub federation library. Missing is_unspecified() check affects Lemmy and 6+ Fediverse projects. CVSS 6.5.Mon, 23 Mar 2026 00:00:00 GMThttps://snailsploit.com/security-research/cves/cve-2026-32885/https://snailsploit.com/security-research/cves/cve-2026-32885/ZipSlip path traversal in ddev. Malicious archives escape extraction directory via Untar/Unzip without path containment. CVSS 6.5.Tue, 17 Mar 2026 00:00:00 GMThttps://snailsploit.com/security-research/cves/cve-2026-32809/https://snailsploit.com/security-research/cves/cve-2026-32809/Unvalidated symlink targets in tar extraction enable arbitrary file read via crafted archives. Affects all tar formats. CVSS 7.4 High.Mon, 16 Mar 2026 00:00:00 GMThttps://snailsploit.com/ai-security/self-replicating-memory-worm/https://snailsploit.com/ai-security/self-replicating-memory-worm/A single memory edit becomes an autonomous, self-replicating worm — generational escalation, credential harvesting, cross-service pivoting via Notion and MCP, and indefinite persistence across session resets.Wed, 11 Mar 2026 00:00:00 GMThttps://snailsploit.com/security-research/general/io-uring-zcrx-race-condition/https://snailsploit.com/security-research/general/io-uring-zcrx-race-condition/Race condition in io_uring zerocopy receive — non-atomic user_refs operations lead to double-free and out-of-bounds write. Linux kernel commit by Kai Aizen, backported to stable.Wed, 11 Mar 2026 00:00:00 GMThttps://snailsploit.com/ai-security/adversarial-prompting/https://snailsploit.com/ai-security/adversarial-prompting/Every adversarial prompting technique mapped — from role hijacking to multi-turn escalation to indirect injection. How attacks work, why defenses fail, and what the taxonomy looks like from the attacker's side.Tue, 10 Mar 2026 00:00:00 GMThttps://snailsploit.com/ai-security/jailbreaking/jailbreak-techniques/https://snailsploit.com/ai-security/jailbreaking/jailbreak-techniques/Complete taxonomy of LLM jailbreak techniques — role hijacking, multi-turn escalation, context manipulation, encoding exploits, and chain-of-thought abuse.Tue, 10 Mar 2026 00:00:00 GMThttps://snailsploit.com/ai-security/prompt-injection/prompt-injection-examples/https://snailsploit.com/ai-security/prompt-injection/prompt-injection-examples/Real-world prompt injection examples across direct injection, indirect injection, MCP tool poisoning, and memory attacks.Tue, 10 Mar 2026 00:00:00 GMThttps://snailsploit.com/ai-security/prompt-injection/memory-injection-nested-skills/https://snailsploit.com/ai-security/prompt-injection/memory-injection-nested-skills/A novel persistence chain exploiting trust boundaries in LLM agent frameworks — skill injection + memory poisoning = self-healing, autonomous implant.Tue, 10 Mar 2026 00:00:00 GMThttps://snailsploit.com/security-research/cves/cve-2026-3288/https://snailsploit.com/security-research/cves/cve-2026-3288/Configuration injection via rewrite-target annotation in ingress-nginx. RCE and cluster-wide Secret disclosure. CVSS 8.8.Mon, 09 Mar 2026 00:00:00 GMThttps://snailsploit.com/ai-security/weaponized-ai-supply-chain/https://snailsploit.com/ai-security/weaponized-ai-supply-chain/89% increase in AI-enabled attacks. How threat actors weaponize LLM supply chains — from model poisoning to MCP tool injection.Wed, 04 Mar 2026 00:00:00 GMThttps://snailsploit.com/ai-security/mcp-vs-a2a-attack-surface/https://snailsploit.com/ai-security/mcp-vs-a2a-attack-surface/MCP has 30+ CVEs and real-world breaches. A2A has zero. Side-by-side attack surface comparison with defensive guidance.Sun, 01 Mar 2026 00:00:00 GMThttps://snailsploit.com/ai-security/rai-judge-blind-spots/https://snailsploit.com/ai-security/rai-judge-blind-spots/I built an LLM safety judge. Six iterations, 680+ responses. It passed — while missing 63% of unsafe content.Thu, 26 Feb 2026 00:00:00 GMThttps://snailsploit.com/ai-security/aatmf-vs-mitre-atlas/https://snailsploit.com/ai-security/aatmf-vs-mitre-atlas/MITRE ATLAS: 66 techniques. AATMF v3.1: 240 techniques, 4,980+ prompts, quantitative risk scoring.Fri, 20 Feb 2026 00:00:00 GMThttps://snailsploit.com/ai-security/llm-red-teamers-playbook/https://snailsploit.com/ai-security/llm-red-teamers-playbook/A systematic methodology for diagnosing LLM defense layers and selecting bypass techniques that actually work.Fri, 20 Feb 2026 00:00:00 GMThttps://snailsploit.com/ai-security/ai-breach-detection-gap/https://snailsploit.com/ai-security/ai-breach-detection-gap/74% of organizations found AI breaches when they looked. Most are not looking.Fri, 20 Feb 2026 00:00:00 GMThttps://snailsploit.com/ai-security/computational-countertransference/https://snailsploit.com/ai-security/computational-countertransference/LLMs adopt adversarial states from pasted transcripts. 13-month study reveals context inheritance as an architectural vulnerability.Wed, 18 Feb 2026 00:00:00 GMThttps://snailsploit.com/ai-security/ai-coding-agent-attack-surface/https://snailsploit.com/ai-security/ai-coding-agent-attack-surface/AI coding agents trust code comments, README files, and MCP servers the same way humans trust authority.Tue, 17 Feb 2026 00:00:00 GMThttps://snailsploit.com/ai-security/ai-gateway-threat-model/https://snailsploit.com/ai-security/ai-gateway-threat-model/First generalized AI gateway threat model covering 8 unmapped attack vectors. 91K attack sessions analyzed.Wed, 11 Feb 2026 00:00:00 GMThttps://snailsploit.com/ai-security/agentic-ai-threat-landscape/https://snailsploit.com/ai-security/agentic-ai-threat-landscape/Full agentic AI threat landscape: prompt injection, MCP tool poisoning, multi-agent infection, memory poisoning.Wed, 11 Feb 2026 00:00:00 GMThttps://snailsploit.com/security-research/cves/cve-2026-1208/https://snailsploit.com/security-research/cves/cve-2026-1208/Cross-Site Request Forgery in Friendly Functions for Welcart WordPress plugin. Settings manipulation. CVSS 4.3.Fri, 23 Jan 2026 00:00:00 GMThttps://snailsploit.com/ai-security/jailbreaking/memory-manipulation-attacks/https://snailsploit.com/ai-security/jailbreaking/memory-manipulation-attacks/How attackers poison AI context windows and memory systems to compromise future interactions.Tue, 06 Jan 2026 00:00:00 GMThttps://snailsploit.com/ai-security/rag-agentic-attack-surface/https://snailsploit.com/ai-security/rag-agentic-attack-surface/Understanding the expanded attack surface of RAG systems and agentic AI.Fri, 17 Oct 2025 00:00:00 GMThttps://snailsploit.com/ai-security/ai-social-engineering-deepfake/https://snailsploit.com/ai-security/ai-social-engineering-deepfake/How AI enables sophisticated social engineering through deepfake voices. Detection techniques and organizational defense.Sat, 09 Aug 2025 00:00:00 GMThttps://snailsploit.com/ai-security/prompt-injection/mcp-security-deep-dive/https://snailsploit.com/ai-security/prompt-injection/mcp-security-deep-dive/How to secure MCP servers in production AI environments.Sat, 09 Aug 2025 00:00:00 GMThttps://snailsploit.com/security-research/general/zero-trust-container-runtime/https://snailsploit.com/security-research/general/zero-trust-container-runtime/Implementing zero-trust principles in container runtime environments.Sat, 09 Aug 2025 00:00:00 GMThttps://snailsploit.com/ai-security/prompt-injection/mcp-threat-analysis/https://snailsploit.com/ai-security/prompt-injection/mcp-threat-analysis/Offensive threat analysis of the Model Context Protocol.Sun, 18 May 2025 00:00:00 GMThttps://snailsploit.com/ai-security/prompt-injection/custom-instruction-backdoor/https://snailsploit.com/ai-security/prompt-injection/custom-instruction-backdoor/Uncovering emergent prompt injection risks through ChatGPT custom instructions.Sun, 18 May 2025 00:00:00 GMThttps://snailsploit.com/writing/ai-obfuscator-detection-bypass/https://snailsploit.com/writing/ai-obfuscator-detection-bypass/Building a cloud-based obfuscator using AI that bypasses security detection.Wed, 23 Apr 2025 00:00:00 GMThttps://snailsploit.com/security-research/general/advanced-container-escapes/https://snailsploit.com/security-research/general/advanced-container-escapes/Deep technical analysis of container escape techniques.Sun, 02 Mar 2025 00:00:00 GMThttps://snailsploit.com/ai-security/jailbreaking/inherent-ai-vulnerabilities/https://snailsploit.com/ai-security/jailbreaking/inherent-ai-vulnerabilities/Technical analysis of structural vulnerabilities in AI systems.Mon, 10 Feb 2025 00:00:00 GMThttps://snailsploit.com/security-research/general/chatgpt-canvas-rce-dns-exfiltration/https://snailsploit.com/security-research/general/chatgpt-canvas-rce-dns-exfiltration/Python Pickle RCE and DNS exfiltration in ChatGPT Code Interpreter sandbox.Sat, 01 Feb 2025 00:00:00 GMThttps://snailsploit.com/ai-security/structural-vulnerabilities-llms/https://snailsploit.com/ai-security/structural-vulnerabilities-llms/Tokenization evasion, parsing limits, and alignment failure modes in production AI.Sat, 25 Jan 2025 00:00:00 GMThttps://snailsploit.com/security-research/general/edr-evasion-techniques/https://snailsploit.com/security-research/general/edr-evasion-techniques/Technical analysis of EDR evasion techniques.Thu, 16 Jan 2025 00:00:00 GMThttps://snailsploit.com/security-research/cves/cve-2025-12030/https://snailsploit.com/security-research/cves/cve-2025-12030/IDOR in ACF to REST API WordPress plugin. Unauthorized data access. CVSS 4.3.Wed, 15 Jan 2025 00:00:00 GMThttps://snailsploit.com/security-research/cves/cve-2025-12163/https://snailsploit.com/security-research/cves/cve-2025-12163/Stored XSS in OmniPress WordPress plugin via author-level access. CVSS 6.4.Wed, 15 Jan 2025 00:00:00 GMThttps://snailsploit.com/security-research/cves/cve-2025-9776/https://snailsploit.com/security-research/cves/cve-2025-9776/Authenticated SQL Injection via CSV Import in CatFolders WordPress plugin. CVSS 6.5.Mon, 13 Jan 2025 00:00:00 GMThttps://snailsploit.com/security-research/cves/cve-2025-11171/https://snailsploit.com/security-research/cves/cve-2025-11171/Missing authentication for admin functions in Chartify WordPress plugin. CVSS 5.3.Mon, 13 Jan 2025 00:00:00 GMThttps://snailsploit.com/security-research/cves/cve-2025-11174/https://snailsploit.com/security-research/cves/cve-2025-11174/Missing authorization in Document Library Lite exposes sensitive data. CVSS 5.3.Mon, 13 Jan 2025 00:00:00 GMThttps://snailsploit.com/ai-security/jailbreaking/context-inheritance-exploit/https://snailsploit.com/ai-security/jailbreaking/context-inheritance-exploit/Discovering how jailbroken states persist across GPT sessions through context inheritance.Sat, 04 Jan 2025 00:00:00 GMThttps://snailsploit.com/ai-security/jailbreaking/ai-inherent-vulnerability/https://snailsploit.com/ai-security/jailbreaking/ai-inherent-vulnerability/Examining the fundamental security limitations of large language models.Tue, 19 Nov 2024 00:00:00 GMThttps://snailsploit.com/writing/embracing-ai-adapt-or-die/https://snailsploit.com/writing/embracing-ai-adapt-or-die/Why security professionals must embrace AI or risk irrelevance.Fri, 06 Sep 2024 00:00:00 GMThttps://snailsploit.com/writing/personal-data-identity-theft/https://snailsploit.com/writing/personal-data-identity-theft/Investigating the personal data marketplace and its implications for identity theft.Wed, 04 Sep 2024 00:00:00 GMThttps://snailsploit.com/security-research/general/cloud-vulnerability-exploitation/https://snailsploit.com/security-research/general/cloud-vulnerability-exploitation/Practical guide to cloud security testing across AWS, Azure, and GCP.Wed, 10 Jul 2024 00:00:00 GMThttps://snailsploit.com/ai-security/hidden-risks-offensive-perspective/https://snailsploit.com/ai-security/hidden-risks-offensive-perspective/Emerging AI threat vectors from an offensive security perspective.Sat, 08 Jun 2024 00:00:00 GMThttps://snailsploit.com/ai-security/jailbreaking/chatgpt-context-jailbreak/https://snailsploit.com/ai-security/jailbreaking/chatgpt-context-jailbreak/Step-by-step walkthrough of jailbreaking ChatGPT using context and social awareness techniques.Mon, 27 May 2024 00:00:00 GMT