
Tag: GenAI

From mysql_real_escape_string() to AI Firewalls: Are We Repeating History with Prompt Injection?

In the early days of web development, PHP developers often relied on functions like mysql_escape_string() to sanitize user inputs. However, this approach was fraught with pitfalls. Misuse, incorrect character encoding handling, and a lack of awareness led to numerous vulnerabilities. To address these issues, mysql_real_escape_string() was introduced, which considered the current character set of the database connection, offering a more…


The Dark Side of Large Language Models: Uncovering and Overcoming of Code Vulnerabilities

I had a great time speaking at ThreatCon.io Hacking Conference in beautiful Kathmandu, Nepal. During my talk, we discussed the new world of LLM auto-suggested code and therefore its influence on secure coding. One of the key findings I demoed is that, while tools like GitHub Copilot can speed things up, they sneak in various vulnerabilities. But we also discussed…
