DEV Community

Security

Hopefully not just an afterthought!

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
MCP Security Checklist: 6 checks before exposing an MCP server

MCP Security Checklist: 6 checks before exposing an MCP server

Comments
3 min read
local AI runtimes are part of your attack surface now

local AI runtimes are part of your attack surface now

Comments
6 min read
Phantom Squatting: When AI Hallucinated Domains Become Attacker Infrastructure

Phantom Squatting: When AI Hallucinated Domains Become Attacker Infrastructure

1
Comments
5 min read
282 AI Apps Are Handing Strangers Your API Bill — And Calling It a Product

282 AI Apps Are Handing Strangers Your API Bill — And Calling It a Product

1
Comments
3 min read
AgentGuard Catches 8 Vulnerabilities in GitHub Code Scanning

AgentGuard Catches 8 Vulnerabilities in GitHub Code Scanning

Comments
2 min read
PHP 8.5's New URI Extension: Parsing URLs Without the parse_url() Footguns

PHP 8.5's New URI Extension: Parsing URLs Without the parse_url() Footguns

Comments
6 min read
Your AI-built app may look ready… until a secret key is sitting in plain sight

Your AI-built app may look ready… until a secret key is sitting in plain sight

Comments
1 min read
An agent can't approve its own change: binding PR approval to the exact diff

An agent can't approve its own change: binding PR approval to the exact diff

1
Comments 1
5 min read
MCP STDIO: The Command Runs Before the Server Is Trusted

MCP STDIO: The Command Runs Before the Server Is Trusted

1
Comments 3
7 min read
Prompt Injection Attacks in AI: Real Examples and Prevention Strategies

Prompt Injection Attacks in AI: Real Examples and Prevention Strategies

Comments
2 min read
Your AI agent should not have unrestricted power

Your AI agent should not have unrestricted power

1
Comments
3 min read
Linux LUKS Vulnerability, Android Developer Verification Threat, GitHub Secret Scanning Guide

Linux LUKS Vulnerability, Android Developer Verification Threat, GitHub Secret Scanning Guide

Comments
3 min read
Your AI agent just took an action in production. Can you answer five questions about it?

Your AI agent just took an action in production. Can you answer five questions about it?

Comments
4 min read
LLM Evals For Developer Tools: Useful, Correct, Safe

Risk of agents gaming tests to pass

LLM Evals For Developer Tools: Useful, Correct, Safe

34
Comments 27
18 min read
Stateless auth without a database round-trip: how Bondify's proof model works

Stateless auth without a database round-trip: how Bondify's proof model works

Comments
4 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.