
Integrating AI Security into the SDLC
Executive Summary: AI and ML systems are expanding the software attack surface in new and evolving ways, through model theft, adversarial evasion, prompt injection, data poisoning, and unsafe model artifacts. These risks can’t be fully addressed by traditional application security alone. They require AI-specific defenses integrated directly into the Software Development Lifecycle (SDLC). This guide […]

Persistent Backdoors
Summary: Unlike other model backdooring techniques, the ShadowLogic technique discovered by the HiddenLayer SAI team ensures that a backdoor will remain persistent and effective even after model conversion and/or fine-tuning. Whether a model is converted from PyTorch to ONNX, ONNX to TensorRT, or even if it is fine-tuned, the backdoor persists. Therefore, the ShadowLogic technique […]

Top 5 AI Threat Vectors in 2025
AI is powering the next generation of innovation. Whether driving automation, enhancing customer experiences, or enabling real-time decision-making, it has become inseparable from core business operations. However, as the value of AI systems grows, so does the incentive to exploit them. Our 2025 Threat Report surveyed 250 IT leaders responsible for securing or developing AI […]

Visual Input based Steering for Output Redirection (VISOR)
Summary: Consider the well-known GenAI-related security incidents, such as when OpenAI disclosed a March 2023 bug that exposed ChatGPT users’ chat titles and billing details to other users. Google’s AI Overviews feature was caught offering dangerous “advice” in search, like telling people to put glue on pizza or eat rocks, before the company pushed […]

LLM Security 101: Guardrails, Alignment, and the Hidden Risks of GenAI
Summary: AI systems are used to create significant benefits in a wide variety of business processes, such as customs and border patrol inspections, improving airline maintenance, and for medical diagnostics to enhance patient care. Unfortunately, threat actors are targeting the AI systems we rely on to enhance customer experience, increase revenue, or improve manufacturing margins. […]

AI Coding Assistants at Risk
From autocomplete to full-blown code generation, AI-powered development tools like Cursor are transforming the way software is built. They’re fast, intuitive, and trusted by some of the world’s most recognized brands, such as Samsung, Shopify, monday.com, US Foods, and more. In our latest research, HiddenLayer’s security team demonstrates how attackers can exploit seemingly harmless files, […]

How Hidden Prompt Injections Can Hijack AI Code Assistants Like Cursor
Summary: AI tools like Cursor are changing how software gets written, making coding faster, easier, and smarter. But HiddenLayer’s latest research reveals a major risk: attackers can secretly trick these tools into performing harmful actions without you ever knowing. In this blog, we show how something as innocent as a GitHub README file can be […]

OpenSSF Model Signing for Safer AI Supply Chains
Summary: The future of artificial intelligence depends not just on powerful models but also on our ability to trust them. As AI models become the backbone of countless applications, from healthcare diagnostics to financial systems, their integrity and security have never been more important. Yet the current AI ecosystem faces a fundamental challenge: How does […]

HiddenLayer Appoints Chelsea Strong as Chief Revenue Officer to Accelerate Global Growth and Customer Expansion
AUSTIN, TX — July 16, 2025 — HiddenLayer, the leading provider of security solutions for artificial intelligence, is proud to announce the appointment of Chelsea Strong as Chief Revenue Officer (CRO). With over 25 years of experience driving enterprise sales and business development across the cybersecurity and technology landscape, Strong brings a proven track record […]