SECURITY RESEARCH // 2026

AI SECURITY &
COMPLIANCE GUIDES

Deep research on OWASP LLM Top 10, EU AI Act obligations, NIST AI RMF, prompt injection, and developer-native security posture — written by engineers, for engineers.

AllOWASP LLMEU AI ActAI ComplianceCLI GuidesCybersecurity
Featured Article
OWASP LLMFEATUREDMarch 26, 2026·9 min read

OWASP LLM Top 10 Scanner: Detect Prompt Injection, Insecure Output Handling & AI Vulnerabilities in Your Codebase

Traditional scanners like Snyk and Semgrep are blind to the entire OWASP LLM Top 10. If your app calls OpenAI, Anthropic, LangChain, or any LLM API, you have a new class of attack surface — and zero tools to scan it. Here's how to fix that.

LLM01 Prompt InjectionLLM02 Insecure OutputLLM08 Excessive Agency
Read Article →
Coverage Score
0/10
OWASP LLM checks
by Snyk · Semgrep · SonarCloud
Custodia: 10/10 ✓
Latest Research
EU AI Act15 min read

EU AI Act Compliance for Developers: Articles 9, 13, 14, 52 Explained

The EU AI Act is the world's first comprehensive AI regulation. These four articles define your compliance roadmap — with code examples, penalty structure, and enforcement timeline.

Art. 9 Risk MgmtArt. 13 LoggingArt. 14 OversightArt. 52 Disclosure
April 13, 2026Read →
OWASP LLM12 min read

Model Output Validation: Why LLMs Hallucinate Into Your Database

Your LLM generates SQL that drops tables. JSON with "admin": true. Code that exfiltrates secrets. Three types of output hallucination and the 5-step defense framework.

LLM02 Output HandlingSQL HallucinationCode Gen Security
April 11, 2026Read →
OWASP LLM14 min read

Prompt Injection Vulnerabilities in Production: How Hackers Hijack LLM Apps

Prompt injection is the AI equivalent of SQL injection. Real exploits from production apps, three layers of attack (direct, context, indirect), and the complete defense checklist.

LLM01 Prompt InjectionIndirect InjectionRAG Poisoning
April 9, 2026Read →
Cybersecurity8 min read

We Scanned Supabase and It Scored 100/100 — Here's What Perfect Security Looks Like

Supabase powers 1M+ databases. We ran a full security scan across 628 files — auth, data protection, secrets, injection, logging, AI governance — and found zero vulnerabilities. Here's every practice they got right.

OWASP Top 10Clean ScanSecurity Posture
April 8, 2026Read →
Cybersecurity9 min read

How rollup@4.39.0 Turns Your CI Pipeline Into a Secret Vault Leak

GHSA-mw96-cpmx-2vgc in rollup@4.39.0 enables prototype pollution during builds, exposing CI secrets. Learn the attack chain and how to fix it now.

OWASP A06:2021CWE-1035CWE-1321
April 7, 2026Read →
Cybersecurity9 min read

7 Active CVEs in One Fastify Dependency: The Silent Supply-Chain Threat

node-forge@1.3.1 ships 7 GHSA advisories into your Fastify app. Learn how prototype pollution chains to full validation bypass — and how to fix it in CI.

OWASP A06:2021CWE-1035CWE-937
April 7, 2026Read →
Cybersecurity9 min read

3 Open Advisories in Elysia's Deps That Can DoS Your API

file-type@20.4.1 and valibot@1.1.0 carry 3 open GHSA advisories enabling ReDoS, heap reads, and schema bypass. Learn to fix and prevent this in Elysia.

OWASP A06:2021CWE-937CWE-1035
April 7, 2026Read →
Cybersecurity9 min read

Mutable GitHub Actions Tags: The Supply Chain Backdoor in Your CI

A single mutable @v3 tag can let attackers execute code in your CI pipeline and steal npm tokens. Learn how to pin actions to commit SHAs and prevent it.

OWASP A06:2021CWE-829NIST SI-7
April 7, 2026Read →
Cybersecurity9 min read

6 CVEs in Hono's Dependency Chain: The Invisible Supply Chain Risk

Undici request smuggling and 5 more CVEs in Hono's dependency graph expose thousands of Cloudflare Workers apps. Learn to detect and fix them before attackers do.

OWASP A06:2021CWE-1035CWE-1104
April 7, 2026Read →
Cybersecurity9 min read

The 'superSecret' JWT Backdoor Hiding in Plain Sight

A hardcoded JWT fallback secret lets attackers forge admin tokens in 90 seconds. Learn how this CWE-798 flaw works and how to fix it permanently. Scan your repo now.

OWASP A07:2021CWE-798NIST AC-2
April 6, 2026Read →
OWASP LLM12 min read

OWASP LLM Top 10 in Production: Real Vulnerabilities We Found in 50 Apps

We scanned 50 real-world LLM applications and found the same vulnerability patterns across all of them. Here's what the OWASP LLM Top 10 actually looks like in production code.

LLM01 Prompt InjectionLLM02 Output HandlingLLM08 Excessive Agency
April 4, 2026Read →
Cybersecurity7 min read

API Key Exposed in Your Code? Here's Exactly What To Do

Found a secret committed to your repo? Rotate first, then follow the 5-step response playbook: audit git history, scan for more secrets, fix your .gitignore, and prevent it with CI scanning.

Secrets ExposureIncident ResponseGit History Audit
April 2, 2026Read →
Cybersecurity11 min read

Pre-Launch Security Checklist for Solo Developers and Indie Hackers

The 15-item security checklist written for solo founders launching next week — not a Fortune 500 security team. Custodia automates 11 of 15. In priority order.

Pre-LaunchOWASP Top 10Secrets & Auth
April 2, 2026Read →
OWASP LLM10 min read

Prompt Injection Prevention: Stop LLM01 Attacks Before They Ship

Prompt injection is the #1 OWASP LLM vulnerability. This guide covers direct and indirect injection, RAG-specific attack paths, layered defenses, and how to detect vulnerable patterns before release.

LLM01 Prompt InjectionIndirect InjectionRAG Security
March 27, 2026Read →
EU AI Act11 min read

EU AI Act Compliance Checker for Developers: Automate Risk Assessment & Audit Readiness in One CLI Command

The EU AI Act is in force. Articles 9, 13, 14, and 52 impose real technical obligations on developers shipping AI features — and no existing scanner checks any of them. Here's a complete technical guide and a tool that does.

Art. 9 Risk MgmtArt. 14 OversightArt. 52 Disclosure
March 26, 2026Read →
Cybersecurity10 min read

OWASP Top 10 Code Review Guide: How to Find SQL Injection, Broken Access Control & XSS in Your Codebase

Manual code reviews miss 60% of OWASP Top 10 vulnerabilities. This guide covers the exact patterns to look for in Node.js, Python, and Go — plus how to automate detection so nothing slips to production.

SQL InjectionBroken Access ControlXSS
March 26, 2026Read →
CLI Guides8 min read

Integrate a Security Scanner into GitHub Actions: OWASP CI/CD Pipeline Guide

Add OWASP Top 10 + OWASP LLM Top 10 scanning to your GitHub Actions pipeline. Block PRs on critical findings with a complete, production-ready YAML template.

OWASP Top 10OWASP LLMGitHub Actions
March 26, 2026Read →
AI Compliance12 min read

SOC 2 for AI Companies: What Auditors Actually Check in Your Code

SOC 2 auditors are now asking AI companies for evidence beyond access logs. CC6, CC7, and new AI-specific criteria require code-level artifacts. Here is exactly what to prepare.

SOC 2 Type IICC6 Logical AccessCC7 System Ops
March 26, 2026Read →
Cybersecurity8 min read

Vibe Coding Security Risks: What Cursor and Claude Can't Catch

AI editors ship working code — not audited code. Vibe-coded projects consistently contain 4 vulnerability classes: hardcoded secrets, prompt injection, broken access control, and insecure output handling. Here's how to find them.

Hardcoded SecretsPrompt InjectionBroken Access Control
April 7, 2026Read →
Cybersecurity9 min read

Is AI Generated Code Secure? What We Found Scanning Real Projects

AI generated code is not inherently insecure — but it is systematically undertested for security before it ships. After scanning AI-generated projects, the same 4 vulnerability classes appear in almost every codebase.

AI Code SecurityOWASP LLM01Broken Access Control
April 14, 2026Read →
OWASP LLM10 min read

Securing MCP Servers: Attack Surfaces in AI Tool Use

Model Context Protocol gives AI agents real power over your environment — filesystem access, shell execution, API calls. Most developers ship MCP servers without a single security review. Here are the 5 attack surfaces and how to lock them down.

LLM01 Prompt InjectionLLM08 Excessive AgencyTool Poisoning
April 1, 2026Read →
AI Compliance9 min read

How OpenAI Red Teams GPT-4: Inside the Process of Breaking Their Own Model

Before GPT-4 launched, OpenAI paid 50+ external experts — biosecurity researchers, ex-intelligence officers, disinformation specialists — to spend months trying to break it. Here's what they found, what they fixed, and what they shipped anyway.

Red TeamingCBRN UpliftJailbreak Analysis
April 1, 2026Read →
AI Compliance8 min read

Inside Constitutional AI: How Anthropic Bakes Security Into Claude Before It Ships

Anthropic built a system where Claude critiques and rewrites its own outputs against a set of principles before you ever see them. Here's how Constitutional AI actually works, what attack classes it stops, and the one thing it's completely blind to.

Constitutional AIRLAIFAlignment Faking
April 1, 2026Read →
Cybersecurity10 min read

The AI Data Breaches Developers Need to Know About: Samsung, Slack, and the Real Incidents

Samsung engineers leaked source code into ChatGPT. Slack AI got weaponized through a DM. A Bing chatbot revealed its secret identity. These aren't hypotheticals — they all happened, and every one has a direct lesson for developers building AI products today.

Data ExfiltrationPrompt InjectionSystem Prompt Leak
April 1, 2026Read →
Cybersecurity9 min read

How GitHub Secured Copilot for 77,000 Companies: The Architecture You Never Knew Existed

To get enterprise buy-in, GitHub had to solve problems no developer tool had faced before: cross-tenant code leakage, licensing liability, secret suggestion prevention, and full audit logging. Here's how they actually built it — and what it still can't do.

Data IsolationSecrets PreventionAudit Logging
April 1, 2026Read →
Stop Reading. Start Scanning.

See Your Real
AI Security Posture

One command. OWASP Top 10 + OWASP LLM Top 10 + EU AI Act + SOC 2. Framework-mapped findings with AI fix prompts.

Scan My Codebase FreeView Demo Report →