Fluid Attacks News logo

News

Subscribe to Updates

Labels

  • All Posts
  • Fix
  • Announcement
  • Improvement
  • new

Jump to Month

  • July 2025
  • June 2025
  • April 2025
  • March 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • July 2019
Announcementnew
today

What's new with Fluid Attacks 🎁

Implemented

🔝 OWASP Top 10 for LLM applications report: We have included this relatively recent OWASP list as security criteria in our security testing. While several of the vulnerabilities that LLM applications and GenAI may have were already reported by us, we introduce these new types to our radar:

  • 452. Prompt injection
  • 453. Data and model poisoning
  • 454. Improper output handling
  • 455. Excessive LLM agency
  • 456. AI misinformation

It is worth mentioning that the detection of some of these types of vulnerabilities depends on the tests performed by our pentesters, offered only in our Advanced plan.

🤖 MCP answers based on the KB: Our newly implemented Model Context Protocol (MCP) server is now able to answer your questions by resorting to information we have stored within our Knowledge Base.

Squashed bugs

✔️ Faulty group filter: When trying to find a group in the table through the search engine, it was not taking into account the characters that were part of the description of each group to deliver results.

✔️ Invalid compliance metrics: At least one of the standards within the Compliance list was showing an incorrect percentage value, so a general readjustment was made.

Promised but not implemented yet / Upcoming

👩🏽‍🔧 Fixing support for all prioritized languages: At Fluid Attacks, we currently have a list of prioritized supported languages. What we are looking to achieve is for the GenAI features Autofix and Custom Fix to work for all of these languages (our Knowledge Base already has many more examples of vulnerability remediation).

🌳 Enhancements to our IntelliJ integration: Pending improvements for this IDE plugin include integrating it with our Autofix and Custom fix remediation support, making it compatible with newer versions, and allowing users to view descriptions of their vulnerabilities and be directed to our platform from there.

✨Have 10-15 minutes to spare?✨

Share your opinions on our AppSec solution on Gartner Peer Insights and earn a $25 gift card! Your feedback helps others make informed decisions and shapes the future of application security. Just follow this link! Now, you can also do it in Spanish:


Avatar of authordevelopment