ai-security - Security Research Blog

ai-security

AI Red Teamer to Mechanist: The Identity Gap Few Talks About

Hi folks, yesterday, walking to my departmental party, I caught myself thinking about a question that’s been following me through every AI security engagement or the works in professional life I’ve worked on: Why can I break it ? ,but I never fully explain why it broke? Some said

Vulnerability Research

CVE-2025-60507 | Moodle GeniAI plugin v2.3.6: XSS via PDF Upload & Prompt Injection

Chained XSS and prompt injection in Moodle GeniAI plugin v2.3.6 via PDF upload. Demonstrates AI-integrated plugin security risks.

Articles

AI Red Teamer to Mechanist: The Identity Gap Few Talks About

CVE-2025-60507 | Moodle GeniAI plugin v2.3.6: XSS via PDF Upload & Prompt Injection