y0news

#rag-security News & Analysis

4 articles tagged with #rag-security. AI-curated summaries with sentiment analysis and key takeaways from 50+ sources.

AI · Bullish · arXiv – CS AI · 6h ago · 7/10

Securing the Agent: Vendor-Neutral, Multitenant Enterprise Retrieval and Tool Use

Researchers present a layered security architecture for multitenant enterprise AI systems that isolates tenant data and enforces access control in retrieval-augmented generation (RAG) and agentic AI deployments. The approach moves security-critical operations to the server side so that cross-tenant data leakage is prevented, and is validated through an open-source OGX framework with negligible performance overhead.

🏢 OpenAI
AI · Bearish · arXiv – CS AI · 6h ago · 7/10

LeakDojo: Decoding the Leakage Threats of RAG Systems

LeakDojo is a new research framework that systematically evaluates security vulnerabilities in Retrieval-Augmented Generation (RAG) systems, revealing that stronger LLM instruction-following capability correlates with higher data-leakage risk. The study benchmarks six attack methods across multiple LLMs and datasets, providing critical insights into how RAG databases can be exploited and suggesting that improvements in RAG faithfulness may paradoxically increase security vulnerabilities.

AI · Neutral · arXiv – CS AI · Feb 27 · 7/10 · 5

HubScan: Detecting Hubness Poisoning in Retrieval-Augmented Generation Systems

Researchers introduce HubScan, an open-source security scanner that detects 'hubness poisoning' attacks in Retrieval-Augmented Generation (RAG) systems. The tool achieves 90% recall in detecting adversarial content that exploits weaknesses in vector similarity search, addressing a critical security flaw in AI systems that rely on external knowledge retrieval.

AI · Neutral · arXiv – CS AI · Apr 14 · 6/10

Detecting RAG Extraction Attack via Dual-Path Runtime Integrity Game

Researchers propose CanaryRAG, a runtime defense mechanism that protects Retrieval-Augmented Generation systems from adversarial attacks that extract proprietary data from knowledge bases. The solution embeds canary tokens to detect leakage in real time while maintaining normal system performance, offering a practical safeguard for organizations deploying RAG-based AI systems.