- March 11, 2026
One request looks clean. Five requests leak your AWS key.
Per-request DLP scans each request in isolation. An agent that splits a secret across five requests gets five clean scans and a successful exfiltration. Cross-request detection fixes that.
- March 5, 2026
Guardrails deleted, now what?
OBLITERATUS and similar tools remove safety guardrails from open-weight models using weight ablation. When the model won't refuse, your only defense is the network layer.
- March 3, 2026
Your AI agent leaks API keys through DNS queries
Most DLP tools scan HTTP bodies. Your secrets leak before that, in the DNS lookup. Here's the attack, the proof, and why scan ordering matters.
- February 22, 2026
Your Agent Just Leaked Your AWS Keys: The Attack and Fix
A prompt injection tells your coding agent to exfiltrate credentials via HTTP. No malware. Here's the attack, the output, and the config that stops it.