AI Infrastructure Security

Five AI Security Tools Found What Curl Already Knew -- But Faster, and With Receipts

Julius, Augustus, Garak, Promptfoo, and AI-Infra-Guard run against the same Ollama target from the prequel -- same vulnerability, but structured bypass rates, named CVE matches, and repeatable test configs that survive a security review.

I Broke Into an AI Chatbot Using a Fake Model. Here's Exactly How.

Full attack chain against Open WebUI v0.6.33 -- from a chat message to root RCE, admin JWT forgery, and persistent backdoor. CVE-2025-64496 exploitation with every command and dead end documented.