AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

FinBot CTF Is Live: A Hands-On Companion to the OWASP GenAI Security Project

inforesearchIndustryLLM-Specific

securityresearch

Source: OWASP GenAI SecurityApril 15, 2026

Summary

FinBot is an interactive training platform (CTF, or capture-the-flag exercise) created by OWASP to help developers and security professionals learn about risks in agentic AI systems (AI agents that can plan, act, and make decisions autonomously). It simulates a financial services application where users can practice identifying and defending against attacks like prompt injection (tricking an AI by hiding instructions in its input), tool misuse, data theft, and privilege escalation across multiple connected AI agents.

Classification

Attack Type

Prompt InjectionModel PoisoningSupply ChainRAG Poisoning

Affected Vendors

Related Issues

medium

CVE-2026-34371: LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the e

Similar attackNVD/CVE Database

high

Anthropic accuses Chinese AI labs of mining Claude as US debates AI chip exports

Similar attack

Monthly digest — independent AI security research

Original source: https://genai.owasp.org/2026/04/14/finbot-ctf-is-live-a-hands-on-companion-to-the-owasp-genai-security-project/?utm_source=rss&utm_medium=rss&utm_campaign=finbot-ctf-is-live-a-hands-on-companion-to-the-owasp-genai-security-project

First tracked: May 20, 2026 at 08:00 PM

Classified by LLM (prompt v3) · confidence: 85%