Each item includes a short note so readers can understand why it matters before opening the original source material.
Watch video
Attacking AI is a one of a kind session releasing case studies, tactics, and methodology from Arcanum’s AI assessments in 2024 and 2025. While most AI assessment material focuses on academic AI red team content, “Attacking AI” is focused on the task of assessing AI enabled systems.
Krebs on Security covers April 2026 patching activity, including a record-sized Microsoft release and active exploitation notes.
NIST’s AI RMF hub now highlights the upcoming Trustworthy AI in Critical Infrastructure profile alongside the playbook and related implementation resources.
Microsoft Incident Response walks through how to detect prompt abuse operationally, tying prompt injection risk back to logging, telemetry, and incident response workflows.
OpenAI frames prompt injection as an evolving agent-security problem that increasingly resembles social engineering rather than a simple string-matching issue.
OpenAI announced plans to acquire Promptfoo, highlighting automated AI security testing, red teaming, and evaluation as core enterprise requirements.
MITRE maps incident patterns in an open-source agentic ecosystem to ATLAS techniques, showing how AI-first systems create distinct execution paths for attackers.
The European Commission’s AI Act hub centralizes the EU’s risk-based AI compliance framework, implementation material, and links to governance, enforcement, and standardisation resources.
OpenAI describes using automated red teaming and reinforcement learning to discover agent prompt injection attacks before they appear in the wild.
Google Cloud outlines a defense-in-depth view of AI security spanning application controls, data protections, and infrastructure isolation.
An accessible explanation of prompt injection risk in real AI products, including how third-party content can redirect or manipulate agent behavior.
Google’s CISO perspective on why agents need a new security paradigm and what changes when models can observe, plan, and act.
NIST finalizes AI 100-2e2025, providing a terminology and taxonomy for adversarial machine learning across predictive and generative AI systems.
Anthropic shares lessons from frontier red teaming and discusses where models are showing early-warning signs of higher-risk cyber and biology capabilities.
Google introduced AI Protection and Model Armor to address prompt injection, jailbreaks, data loss, and multicloud AI workload security.
OpenAI’s system card for deep research covers prompt injection, privacy, code execution, and external red teaming prior to release.
The Operator system card documents red teaming and mitigation choices for a computer-using agent, with prompt injections listed as a central risk area.
Microsoft summarizes lessons from red teaming more than one hundred generative AI products, emphasizing system-level testing, human expertise, and automation.
Microsoft Security highlights practical red-team lessons, including prompt injections against multimodal systems and the need to stay grounded in basic cyber hygiene.
OWASP’s GenAI security project remains a practical baseline for teams building or assessing LLM applications and agentic systems.