Invisible Unicode를 통한 Guardrail 우회 및 Prompt Injection 방어 전략
The invisible characters in your prompts aren't a conspiracy — they're a warning about your trust boundary
The invisible characters in your prompts aren't a conspiracy — they're a warning about your trust boundary
🔐 Angular Security in Production: How XSS Protection, DomSanitizer, and CSRF Defenses Actually Fit Together
LLM integration with Vercel AI SDK
Schema first, prompt second: valid JSON wasn't enough
Fortifying the User Interface: Frontend Security Best Practices
Web Security Is Everyone's Job: A Developer's Field Guide
No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out
I reproduced a Claude Code RCE. The bug pattern is everywhere.
Building an E2EE Chat App in Flask - Part 3: Keeping File Uploads Safe
Shipping on Gemma 4: chain-of-thought leakage, MoE-vs-Dense, and on-device pragmatism
xAI open-sourced their ranker. It doesn't compile.
I built ginvalidator — middleware-based request validation for Gin, modeled on express-validator
Your AI Assistant is Gullible: Building a "Semantic Airgap" for Gmail Connectors
GHSA-JM8C-9F3J-4378: GHSA-jm8c-9f3j-4378: Unauthenticated Email Content Injection in Pretalx Template Engine
HTTP desync: el bug que permitió espiar Discord en tiempo real
I built a bug reporting system into my VS Code extension — here's how it works
How I Built an OCR-Based Defense Against Prompt Injection for Local LLM Search