6K downloads in one day!! Check out our huggingface!
We are open-sourcing the GA Guard models — the first family of long-context safety classifiers that have been protecting enterprise AI deployments for the past year.
🚨 New exploit: Claude Jailbroken to Mint Unlimited Stripe Coupons Send Claude ONE sneaky SMS and it’ll think you ordered a $50k Stripe coupon—then hand it over. Hackers spoof iMessage metadata with is_from_me:true, tricking the LLM to run any tool call.
Perplexity Comet is scary GOOD. This agentic browser connects to your apps and does everything you want autonomously. It browses, researches, summarizes, and takes action in real-time. Here are 20 wild use cases you need to see👇
This Veo 3 prompt is literally ~$100,000 VFX ad🤯 Prompt in comment
omg.. AI is getting crazier.. you can now use this JSON prompt to create a studio-level commercial with one click.. prompts in comments. 10 examples:
Secure your MCP clients against prompt injection attacks in Cursor, Claude Code, and Claude desktop with three commands for free.
$ pip install generalanalysis
$ ga login
$ ga configure
and you are secure!
.@gen_analysis' MCP Guard is the first runtime firewall designed to secure every MCP tool call against prompt injection attacks. It's a free, open-source tool designed to validate, restrict, and log every MCP tool call. MCP Guard sits between your agents and MCP servers,…
We are releasing a free MCP guard soon! Stay tuned.
Yeah, AI app sec is going to continue to be a big deal
🧨 Caution: Cursor + Supabase MCP will leak your private SQL tables — it’s only a matter of time. In our latest test, a simple user message was enough to make Cursor leak integration_tokens to the attacker who submitted it. Here’s the anatomy of the breach 🧵 (1/6)
Wrote this up in a little more detail on my blog I think @supabase should directly mention the risk of lethal trifecta/prompt injection attacks in their MCP documentation simonwillison.net/2025/Jul/6/sup…
Founder of General Analysis here. For what it’s worth, I have said multiple times that I do not think this is Supabase’s fault. Your server was behaving exactly as it was supposed to. Technically speaking, the Supabase server has no way of knowing which tool calls are legitimate…
Here's another proof of concept example of a lethal trifecta attack: if you combine the Supabase MCP with another MCP that provides exposure to untrusted tokens and a way to send data back out again - in this case a support ticket system - attackers can steal your Supabase data
The attacker begins by opening a new support ticket and submitting a carefully crafted message. The body of the message includes both a friendly question and a very explicit instruction block addressed directly to the Cursor agent. It is important to note that the support agent…