Anthropic research scientist Nicholas Carlini demonstrated that Claude Code can discover critical security vulnerabilities in the Linux kernel, including a heap buffer overflow in the NFS driver that had remained undetected since 2003. By using a simple bash script to iterate through source files with minimal prompting, the AI identified five confirmed vulnerabilities across various components like io_uring and futex. This discovery marks a significant shift in cybersecurity, as Linux kernel maintainers report a surge in high-quality vulnerability reports from AI agents.
Key points:
* Claude Code discovered a 23-year-old NFS driver bug using basic automation.
* Significant capability jump observed between older models and Opus 4.6.
* Kernel maintainers are seeing a massive increase in daily, accurate security reports.
* LLM agents may represent a new category of tool that combines the strengths of fuzzing and static analysis.
* Concerns exist regarding the dual-use nature of these tools for adversaries.
Clearwing is an autonomous offensive security tool built on LangGraph, designed to emulate advanced vulnerability scanning capabilities using accessible AI models. It functions as a dual-mode system featuring a network pentest agent for live target scanning and service detection, alongside a source-code hunter that utilizes agent-driven pipelines to identify, verify, and potentially patch vulnerabilities in codebases.
Key features include:
* Dual-mode operation covering both network penetration testing and source-code analysis.
* A ReAct-loop network agent equipped with 63 bind-tools for scanning and exploitation attempts.
* An automated source-code hunter that uses adversarial verification and sanitizer crashes as ground truth.
* Comprehensive reporting capabilities including SARIF, markdown, and JSON formats.
* Support for various AI providers such as Anthropic, OpenAI, and local LLM endpoints via OpenRouter or Ollama.
This research presents a specialized GAN framework designed to enhance cybersecurity threat detection through advanced network traffic augmentation. By integrating nine differentiable loss components inspired by bio-inspired metaheuristics (Firefly, Jellyfish Search, and Mantis Shrimp), the model resolves class imbalance while preserving critical attack signatures.
* An energy-aware adaptive attention mechanism reduces training energy consumption by 40% without sacrificing accuracy.
* Tested across seven benchmark datasets, the framework achieved a high average accuracy of 98.73%.
* The model demonstrated strong robustness against adversarial evasion attempts.
ZeroID is a new open-source identity and credentialing platform designed specifically to address the attribution challenges in agentic workflows. It provides a verifiable delegation chain using RFC 8693 token exchange, ensuring that when orchestrator agents spawn sub-agents, every action remains traceable back to the original authorizing principal while maintaining strict permission boundaries.
Key features and details:
- Implements verifiable delegation chains for multi-agent systems
- Supports real-time revocation via OpenID Shared Signals Framework (SSF) and CAEP
- Offers SDKs for Python, TypeScript, and Rust
- Integrates with frameworks like LangGraph, CrewAI, and Strands
- Provides a containerized deployment model backed by PostgreSQL
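The delegation chain the summary refers to can be seen in the claims themselves. The following is an added illustration, not ZeroID's code: RFC 8693 represents delegation with a nested `act` (actor) claim, where the outermost `act` is the current actor, each nested `act` is the party it received the token from, and `sub` stays the original principal. The exchange-request parameter names and the grant/token-type URNs are the ones the RFC defines; the issuer, audience, agent names and the scope-narrowing rule (a delegate may hold at most the scopes of the token it was derived from) are assumptions of this example, since the RFC leaves that policy to the authorization server.

```python
"""Walk an RFC 8693 delegation chain and enforce a no-escalation policy.

Added example, not ZeroID's code. RFC 8693 represents delegation with a
nested "act" (actor) claim: the outermost "act" is the current actor and
each nested "act" is the party it received the token from, while "sub"
stays the original principal. The scope rule enforced below (a delegate
may hold at most the scopes of the token it was derived from) is the
policy this example assumes; the RFC leaves that decision to the server.
"""
from typing import Dict, List

# Values defined by RFC 8693
TOKEN_EXCHANGE_GRANT = "urn:ietf:params:oauth:grant-type:token-exchange"
JWT_TOKEN_TYPE = "urn:ietf:params:oauth:token-type:jwt"

# Constructed sample: claims of the token first issued to user "alice".
# Issuer and audience are placeholders.
ROOT_CLAIMS = {
    "iss": "https://as.example.test",
    "aud": "https://tickets.example.test",
    "sub": "alice",
    "scope": "tickets:read tickets:write",
}


def exchange_request(subject_token: str, actor_token: str, scope: str) -> Dict[str, str]:
    """Form parameters a sub-agent's runtime would POST to the token endpoint.

    Parameter names are the ones RFC 8693 defines; the token values are
    whatever opaque strings the caller holds.
    """
    return {
        "grant_type": TOKEN_EXCHANGE_GRANT,
        "subject_token": subject_token,        # the token being delegated
        "subject_token_type": JWT_TOKEN_TYPE,
        "actor_token": actor_token,            # proves who the new actor is
        "actor_token_type": JWT_TOKEN_TYPE,
        "scope": scope,
    }


def issue_delegated(subject_claims: Dict, actor_sub: str, requested_scope: str) -> Dict:
    """Authorization-server side of the exchange (simplified, assumed policy).

    Keeps the original principal in "sub", pushes the new actor on top of
    the existing "act" chain, and refuses any scope the subject token did
    not already carry, so permissions can only narrow along the chain.
    """
    granted = set(subject_claims.get("scope", "").split())
    requested = set(requested_scope.split())
    excess = requested - granted
    if excess:
        raise PermissionError(f"scope escalation refused: {sorted(excess)}")
    new_act: Dict = {"sub": actor_sub}
    if "act" in subject_claims:
        new_act["act"] = subject_claims["act"]   # earlier actors nest beneath
    return {
        "iss": subject_claims["iss"],
        "aud": subject_claims["aud"],
        "sub": subject_claims["sub"],            # original principal preserved
        "scope": " ".join(sorted(requested)),
        "act": new_act,
    }


def delegation_chain(claims: Dict) -> List[str]:
    """Return [original principal, first delegate, ..., current actor]."""
    actors: List[str] = []
    node = claims.get("act")
    while node is not None:
        actors.append(node["sub"])
        node = node.get("act")
    # the outermost "act" is the most recent actor, so reverse for reading order
    return [claims["sub"]] + actors[::-1]


if __name__ == "__main__":
    orchestrator = issue_delegated(ROOT_CLAIMS, "agent-a", "tickets:read tickets:write")
    worker = issue_delegated(orchestrator, "agent-b", "tickets:read")
    print("chain:", " -> ".join(delegation_chain(worker)))  # alice -> agent-a -> agent-b
    print("request:", exchange_request("<subject-jwt>", "<actor-jwt>", "tickets:read"))
    try:
        issue_delegated(worker, "agent-c", "tickets:write")
    except PermissionError as e:
        print("refused:", e)
```

The point for an auditor is that every token a sub-agent presents carries the whole chain: `sub` names who authorized the work, the `act` nesting names every agent in between, and a log entry keyed on those claims is attributable without any out-of-band correlation.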
Jason Donenfeld, the creator of the popular open-source WireGuard VPN software, has been locked out of his Microsoft developer account. This unexpected suspension prevents him from signing drivers and shipping critical software updates to Windows users. The issue stems from a mandatory account verification process within Microsoft's Windows Hardware Program, which has suspended accounts that failed to complete verification by a specific deadline, often without prior notification to the developers. This situation mirrors recent troubles faced by other prominent open-source projects like VeraCrypt and Windscribe, highlighting a growing tension between Microsoft's security verification requirements and the operational needs of independent software maintainers.
This article details a hands-on experience with Nvidia's NemoClaw, a security-focused stack designed to enhance the safety of the OpenClaw AI platform. While NemoClaw introduces improvements like a sandbox model and aggressive policy filtering, the author finds it still falls short of being a reliable solution.
Bugs, limitations, and the inherent risks associated with OpenClaw's architecture—particularly its connection to external services—persist. The core issue remains that NemoClaw can secure the agent but cannot protect against malicious instructions embedded in external data sources like emails or messages.
The author concludes that while NemoClaw is a step forward, it doesn't fully address the fundamental security concerns surrounding OpenClaw.
This article details a tutorial on building cybersecurity AI agents using the CAI framework. It guides readers through setting up the environment with Colab, loading API keys, and creating base agents. The tutorial progresses to advanced capabilities, including custom function tools, multi-agent handoffs, agent orchestration, input guardrails, and dynamic tools.
It demonstrates how CAI transforms Python functions and agent definitions into flexible cybersecurity workflows capable of reasoning, delegating, validating, and responding in a structured way. The article also showcases CTF-style pipelines, multi-turn context handling, and streaming responses, offering a comprehensive overview of CAI's potential for security applications.
This article details the first day of the OpenClaw Mastery course, focusing on installation and security. It explains the evolution of AI tools – from simple chat interfaces to agent harnesses and finally to proactive, always-on assistants like OpenClaw. The core idea is to set up OpenClaw on a VPS for isolation and security, emphasizing a cautious approach to capability and the importance of verifying the setup. The article highlights past security issues within the OpenClaw community and outlines a strategy to avoid them, prioritizing a slow and deliberate addition of features.
> "Any line in a .pth file that starts with import will be executed automatically whenever Python starts. This means a feature designed for convenience can also be abused as a persistence mechanism, since arbitrary code can be injected into the startup process."
> You can check which directories your interpreter uses with:
> `python3 -c "import sys; print(sys.path)"`
A malicious release of litellm version 1.82.8 was published to PyPI on March 24, 2026.
The package contains a hidden .pth file that executes on every Python interpreter startup, spawning a subprocess that triggers the same .pth again, creating an exponential fork bomb.
The malware harvests credentials (SSH keys, cloud provider tokens, Kubernetes configs, environment variables, etc.), encrypts them with a hard‑coded RSA key, and exfiltrates them to a malicious domain.
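Because the `.pth` mechanism is the persistence point in this incident, a defender's first question is what `import` lines are present in the `.pth` files their interpreter loads. The script below is an added example, not code from the advisory or from any project: it applies the same test that Python's `site` module uses (a line starting with `import` followed by a space or a tab is executed, anything else is treated as a path) to every `.pth` file in the site-packages directories, and flags lines that look like payload one-liners. The marker list and the constructed sample `.pth` body are this example's own; a flagged line is something to review, not proof of compromise, since some legitimate packages ship `.pth` import hooks.

```python
"""List the code-executing lines in every .pth file Python loads at startup.

Added example, not from the incident write-up or any project. Python's site
module reads each *.pth file in its site-packages directories when the
interpreter starts: a line beginning with "import" followed by a space or a
tab is executed as Python code, every other non-blank, non-comment line is
added to sys.path. Anything reported here runs before the user's own code.
"""
import os
import site
from typing import Dict, List

# Substrings common in payload-style one-liners. A hit only raises the flag
# for review; it is not proof of malice (some legitimate .pth files import
# a hook module that edits sys.path).
SUSPICIOUS_MARKERS = (
    "exec(", "eval(", "compile(", "__import__", "base64", "zlib", "marshal",
    "subprocess", "os.system", "os.fork", "socket", "urllib", "http",
)


def executable_lines(pth_text: str) -> List[str]:
    """Return the lines of a .pth body that site.py would exec()."""
    return [
        line for line in pth_text.splitlines()
        if line.startswith(("import ", "import\t"))   # same test site.py uses
    ]


def is_suspicious(line: str) -> bool:
    """Heuristic: a payload marker or a multi-statement one-liner."""
    return ";" in line or any(m in line for m in SUSPICIOUS_MARKERS)


def site_package_dirs() -> List[str]:
    """Directories whose .pth files this interpreter processes."""
    dirs = list(site.getsitepackages()) if hasattr(site, "getsitepackages") else []
    if site.ENABLE_USER_SITE:
        dirs.append(site.getusersitepackages())
    return [d for d in dirs if os.path.isdir(d)]


def scan(dirs: List[str]) -> Dict[str, List[str]]:
    """Map each .pth path under dirs to its executable lines (non-empty only)."""
    report: Dict[str, List[str]] = {}
    for d in dirs:
        for name in sorted(os.listdir(d)):
            if not name.endswith(".pth"):
                continue
            path = os.path.join(d, name)
            try:
                with open(path, encoding="utf-8", errors="replace") as f:
                    lines = executable_lines(f.read())
            except OSError:
                continue
            if lines:
                report[path] = lines
    return report


# Constructed sample of a .pth body: a comment, a path entry, an ordinary
# import hook (hypothetical module name), and a multi-statement line of the
# kind a dropper would use (harmless here, it only echoes a string).
SAMPLE_PTH = (
    "# comment lines are ignored\n"
    "/opt/vendor/lib\n"
    "import _constructed_hook\n"
    "import subprocess; subprocess.Popen(['echo', 'constructed-sample'])\n"
    " import os\n"   # leading space: treated as a path entry, never executed
)

if __name__ == "__main__":
    for path, lines in scan(site_package_dirs()).items():
        for line in lines:
            tag = "SUSPICIOUS" if is_suspicious(line) else "import    "
            print(f"{tag} {path}: {line}")
```

Run it with the same interpreter that installed the suspect package (`python3 audit_pth.py`, or the virtualenv's own interpreter), since each interpreter has its own site-packages directories; a one-liner that spawns a subprocess on every startup, as described above, shows up as a `SUSPICIOUS` line in the output.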