Exposing the Blind Spots: CrowdStrike Research on Feedback-Guided Fuzzing for Comprehensive LLM Testing

CrowdStrike researchers describe a feedback-guided fuzzing prototype for LLM security testing that dynamically generates and adapts prompts, combines real-time and offline fuzzing, and uses multi-method evaluation (heuristics, LLM-as-judge, and ML classification) to detect prompt-injection and related vulnerabilities; the report cites a public proof-of-concept against GitHub's Model Context Protocol that exposed private repository data and positions the framework as a way to improve enterprise LLM resilience.