An AI overthinking attack can tie a robot up for over a minute
Robots that read the world through cameras now lean on large vision-language models to interpret what they see and decide what to do next. These models handle images and text …
“Context bombs” can frustrate AI-driven attacks, researchers found
A new approach tried out by Tracebit researchers has proven very effective at stopping AI agents from fully compromising targeted environments. What makes it notable …
Fake smart home residents could stand in for real ones in security research
Smart home security research runs on a scarce ingredient: recordings of how real people use the gadgets in their homes. Getting that data means wiring up someone’s house …
Cynative: Open-source deep research agent
Running a large language model against a live cloud account to hunt for security holes comes with an obvious hazard. An agent that holds real credentials and a mandate to poke …
20 open-source cybersecurity tools to keep your team ready for anything
AI is changing how security teams find vulnerabilities, analyze code, test applications, and protect infrastructure. Developers are building tools to secure AI systems …
Researchers make the case for a cybersecurity AI scientist
Autonomous AI agents have started doing real security work. Language-model agents probe software for flaws, run penetration tests, and chain together attack steps that once …
Non-interactive SSH attacks dominate after login
Anyone who runs a server with SSH exposed to the internet sees the same pattern in the logs. A steady stream of automated scanners tries to log in, hour after hour, from …
DarkMoon: Open-source AI pentesting platform
Penetration testing has long run on expert time, with specialists spending days probing a network or web application by hand. Manual engagements stretch across weeks, expert …
Sycophantic chatbots and the harms that build over many chats
People use AI chatbots for company, advice, and emotional support, and these systems answer in ways meant to hold their attention. Researchers describe the resulting risks as …
Companies keep bolting AI onto their products, and the security bill is coming due
Companies keep bolting AI and LLM features onto their products, and the security results are starting to show a pattern. The vulnerabilities those features create get rated …
LLM security advice looks solid until you check the hard cases
Plenty of people now type their security worries straight into a chatbot. A hacked account, a suspicious email, a stalker who might be tracking a phone, all of it lands in the …
Best practices for AI in open-source work
Free and open source software developers us AI coding assistants such as Claude Code, Copilot CLI, Antigravity, and OpenCode in their daily work. The Software Freedom …