SECURITY CIPHER · BLOG
Prompt Injection
Posts from Security Cipher.
Indirect Prompt Injection in 2026: Hacking AI Through the Content It Reads
Most people picture prompt injection as someone typing “ignore your instructions” into a chatbot. That is the direct kind, and it is…
MCP Server Security (2026): A Practical Pentester’s Testing Playbook
If you are running Cursor, Claude Desktop, Windsurf, or a home-grown agent stack in 2026, you almost certainly have MCP servers in…
From Prompts to AI Security Loops: A Practical Playbook
Most teams are still treating AI like a better prompt box. "Review this code for vulnerabilities." "Write a Sigma rule for this…
Agentjacking: How Attackers Hijack AI Coding Agents Like Cursor and Claude
Agentjacking lets attackers hijack AI coding agents like Cursor, Claude Code and Codex via poisoned error data. Here's how it works and…
AutoJack: How One Web Page Can Hijack Your AI Agent and Own Your Machine
Microsoft's AutoJack shows how a single malicious web page can hijack an AI agent and run code on your machine. Here's how…