Thomas Roccia :verified:
@fr0gger.infosec.exchange.ap.brid.gy
290 followers 1 following 160 posts
Sr. Security Researcher at Microsoft 🌉 bridged from https://infosec.exchange/@fr0gger on the fediverse by https://fed.brid.gy/
fr0gger.infosec.exchange.ap.brid.gy
🤓 Interesting finding! A malicious MCP server spotted in the wild!

The Postmark MCP server (used to send and track emails through Postmark API) introduced a suspicious behavior in version 1.0.16.

The attacker cloned the legitimate Postmark MCP code and […]

[Original post on infosec.exchange]
fr0gger.infosec.exchange.ap.brid.gy
🤩 After the SANS Institute DMA Award nomination, I am truly honored to announce that I have also been nominated for the French-Australia Award (Le Courrier Australien - LCANews) in the Research and Innovation category.

Super proud to see my work in […]

[Original post on infosec.exchange]
fr0gger.infosec.exchange.ap.brid.gy
🤓 I built a quick interface to define and show the classification of Adversarial Prompts (IoPC)!

The 4 main categories are:

・ Prompt Manipulation,
・ Abusing Legitimate Functions,
・ Suspicious Patterns,
・ Abnormal Outputs.

Each covers threats you should […]

[Original post on infosec.exchange]
fr0gger.infosec.exchange.ap.brid.gy
🤩 Check out DetectionStream built by @Kostastsale, this is an app where you can explore Sigma and NOVA rules!

There is also a playground so you can test the rules live.

👉 detectionstream.com
fr0gger.infosec.exchange.ap.brid.gy
🤓 I have released Proximity, my MCP Security Scanner powered by NOVA!

Before using a public MCP server, you can quickly probe the endpoint or your local MCP to discover exposed prompts, tools, and resources. You can then scan with NOVA to check if any […]

[Original post on infosec.exchange]
fr0gger.infosec.exchange.ap.brid.gy
🤓 If you are looking for a threat intel workflow, don't forget the Jupyter Universe! It gives you a central point to find useful Jupyter notebooks.

No need to reinvent the wheel when talented researchers already did the work!

👉 https://juniverse.securitybreak.io/
fr0gger.infosec.exchange.ap.brid.gy
👀 New Microsoft threat report shows how attackers are using AI for evasion and obfuscation in a phishing campaign!

One part is very interesting: the team spotted 5 AI fingerprints in the code. But instead of hiding the attack (the initial goal), these […]

[Original post on infosec.exchange]
fr0gger.infosec.exchange.ap.brid.gy
🤩 I am super happy to share that I have been nominated again for the #SANSDMA Award!

Last year I did not win, but this year my open-source tool NOVA has been selected in the Innovation of the Year category.

If you like the project, please cast your vote to […]

[Original post on infosec.exchange]
fr0gger.infosec.exchange.ap.brid.gy
🤓 This weekend I sent out my latest newsletter, a quick recap of BlackHat & Defcon along with some updates from my side!

Have a read 👉 https://newsletter.securitybreak.io/archive/blackhat-defcon2025
fr0gger.infosec.exchange.ap.brid.gy
The Unprotect Project is a place to learn about Malware Evasion with code snippets and detection rules. I recently added a small update thanks to new contributions 🙏

👉 https://unprotect.it/
fr0gger.infosec.exchange.ap.brid.gy
📸 One month ago in Vegas. I shared my work on Adversarial Prompts or Indicators of Prompt Compromise (IoPCs).

My goal is simple: create a common foundation we can all build on to classify and track adversarial prompts!
fr0gger.infosec.exchange.ap.brid.gy
🚨 New threat report: threat actor leverages AI at scale for influence… with a twist!

Threat actor Storm-1516 relies on uncensored and self-hosted LLMs, using variants of the Llama-3.1-8B model (dolphin-2.9-llama3-8b, Llama-3-8B-Lexi-Uncensored). They use […]

[Original post on infosec.exchange]
fr0gger.infosec.exchange.ap.brid.gy
🤓 I have been saying for a while that prompts are the new IOCs.

In my latest blog, I break down the full classification of Indicators of Prompt Compromise (IoPCs) and how we can start hunting adversarial prompts.

Curious to hear your thoughts 👇 […]

[Original post on infosec.exchange]
fr0gger.infosec.exchange.ap.brid.gy
Brave demonstrated an Indirect Prompt Injection attack to exfiltrate OTPs on Comet the Perplexity browser! 👇

brave.com/blog/comet-prompt-injection/
fr0gger.infosec.exchange.ap.brid.gy
Nice report showing a new offensive framework leveraging AI and MCP built in the style of Cobalt Strike 👇

https://www.straiker.ai/blog/cyberspike-villager-cobalt-strike-ai-native-successor
fr0gger.infosec.exchange.ap.brid.gy
🎙️ I was recently invited to the @CISOtradecraft podcast to talk about the current state of AI and security and how you can protect your AI systems using NOVA, my open-source prompt pattern matching project.

Check out the full podcast! 🤓

https://youtu.be/0XQtaE48RzI?si=AJjrwN_fg7hHws3L
fr0gger.infosec.exchange.ap.brid.gy
Great blog on the Nx supply chain attack that shows how threat actors embedded adversarial prompts in malicious NPM packages!

Prompts are the new IoCs! 🤓

https://www.getsafety.com/blog-posts/analyzing-nx-ai-prompt
fr0gger.infosec.exchange.ap.brid.gy
Anthropic officially released a centralised repo for trusted MCP with a public API, moderation, and support!

I think this is a great idea to improve MCP security. I am just hoping the supply chain is strong enough to avoid another npmAIpocalypse... 🫠 […]

[Original post on infosec.exchange]
fr0gger.infosec.exchange.ap.brid.gy
There are many more prompt injection techniques and variations of these! Let me know if you have seen more exotic ones! 🤔
fr0gger.infosec.exchange.ap.brid.gy
5️⃣ Multimodal Injection: Malicious instructions hidden in images, audio, or video.
fr0gger.infosec.exchange.ap.brid.gy
4️⃣ Code Injection: Attackers trick the model into generating or suggesting harmful code. Remember Amazon's Q AI coding assistant?
fr0gger.infosec.exchange.ap.brid.gy
3️⃣ Policy Injection: Attackers disguise instructions as if they were official policies, configs, or structured data (XML, JSON, INI).