frontpage.

Last week I shared our open-source taxonomy of 122 AI attack vectors. A lot of the discussion was about how the OWASP LLM Top 10 gives you categories but not specifics.

So we wrote the guide that bridges that gap. For each OWASP category:

- What real attacks look like (specific techniques, not just descriptions) - What to test for (checklists) - How to defend

Some things that stood out:

- 62 attacks map to LLM01 (Prompt Injection) alone — encoding bypasses, delimiter exploitation, RAG injection, multi-turn escalation - LLM06 (Excessive Agency) is where prompt injection meets real-world damage — confused deputy attacks, tool chaining, MCP tool poisoning - LLM07 (System Prompt Leakage) has 12 extraction techniques. "Repeat everything above" is the obvious one. PLeak optimized queries and differential behavioral analysis are not.

All attack references come from the open-source taxonomy: https://github.com/tachyonicai/tachyonic-heuristics

The guide: https://tachyonicai.com/blog/owasp-llm-top-10-guide/

BaiduWiki

The house in Hereford that moved down High Town

10-year old innovater gone viral for YC Tips Video

Let's Build a Simple Database

Show HN: GeoGuessr, but for Buildings

We hid backdoors in binaries – Opus 4.6 found 49% of them

National Cancer Institute studying ivermectin's 'ability to kill cancer cells'

Show HN: Repstack – open-source hypertrophy training app (offline-first PWA)

The mind of an indie developer diagnosed with Narcissistic Personality Disorder

Compleximer: New type of plastic mixes glass-like shaping with impact resistance

Show HN: SNKV and LiteFS – Distributed KV store with automatic replication

Discord's age verification mandate is a leap toward a gated internet

Fossil MCP – Dead code detection for vibe-coded projects

Ask HN: Is "Low Velocity" Just "High Drag"? (Benchmarking Series B)

Apple and Google pledge not to discriminate against third-party apps in UK deal

Tell me about an OpenClaw skill

The Danger of Shipping Fast

Jury told that Meta, Google 'engineered addiction' at landmark US trial

Struggling Towards an Algebraic Theory of Music

To be well-calibrated is to be punctual

Making Money on OnlyFans Is a Lot Harder Than You Think (2020)

Vi turns 50 this year

Show HN: Snagg – Clip memes from anywhere, post them instantly

My helicopter went into freefall – inside an active volcano

Show HN: I wrote a prompt to stop Gemini from hallucinating

Ask HN: Local community first approach to building an age verification system

PicoClaw ultra-lightweight personal AI Assistant run on just 10MB of RAM

"Stan Veit's History of the Personal Computer" Audiobook, YouTube Introduction [video]

Show HN: Samma Suit – Open-source 8-layer security framework for AI agents

Star – Your Digital Songbook

The OWASP LLM Top: A Practical Attack Guide (with 122 real attack techniques)