Disclosures, teardowns, and field notes — written by people who broke the thing.

Deep writeups on LLM jailbreaks, prompt injection, supply-chain attacks, and frontier-model failures from working adversarial researchers.

Recent coverage includes the Vercel / Context.ai OAuth supply-chain breach, LangChain serialization injection (LangGrinch), GitHub Copilot RCE, EchoLeak zero-click prompt injection in M365 Copilot, and the Next.js middleware RCE.