Lucene search
K

54 matches found

Talos Blog
Talos Blog
added 2026/03/11 10:0 a.m.13 views

Agentic AI security: Why you need to know about autonomous agents now

Agentic AI is making headlines worldwide for its potential force-multiplying capabilities, and organizations are understandably intrigued by how it can improve throughput and capabilities. However, as with any technological revolution, unforeseen issues are inevitable, and agentic AI is no...

5.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/02/26 12:7 p.m.9 views

LLMs Generate Predictable Passwords

LLMs are bad at generating passwords: There are strong noticeable patterns among these 50 passwords that can be seen easily: All of the passwords start with a letter, usually uppercase G, almost always followed by the digit 7. Character choices are highly uneven ­ for example, L , 9, m, 2, $ and...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/23 12:0 a.m.22 views

Agents of Chaos

We report an exploratory red-teaming study of autonomous language-model-powered agents deployed in a live laboratory environment with persistent memory, email accounts, Discord access, file systems, and shell execution. Over a two-week period, twenty AI researchers interacted with the agents unde...

6.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/23 12:0 a.m.5 views

Understanding Human-AI Collaboration in Cybersecurity Competitions

Capture-the-Flag CTF competitions are increasingly becoming a testbed for evaluating AI capabilities at solving security tasks, due to the controlled environments and objective success criteria. Existing evaluations have focused on how successful AI is at solving CTF challenges in isolation from...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/10 12:0 a.m.7 views

QRS: A Rule-Synthesizing Neuro-Symbolic Triad for Autonomous Vulnerability Discovery

Static Application Security Testing SAST tools are integral to modern DevSecOps pipelines, yet tools like CodeQL, Semgrep, and SonarQube remain fundamentally constrained: they require expert-crafted queries, generate excessive false positives, and detect only predefined vulnerability patterns...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/08 12:0 a.m.30 views

CyberExplorer: Benchmarking LLM Offensive Security Capabilities in a Real-World Attacking Simulation Environment

Real-world offensive security operations are inherently open-ended: attackers explore unknown attack surfaces, revise hypotheses under uncertainty, and operate without guaranteed success. Existing LLM-based offensive agent evaluations rely on closed-world settings with predefined goals and binary...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/22 12:0 a.m.6 views

Introducing the Generative Application Firewall (GAF)

This paper introduces the Generative Application Firewall GAF, a new architectural layer for securing LLM applications. Existing defenses -- prompt filters, guardrails, and data-masking -- remain fragmented; GAF unifies them into a single enforcement point, much like a WAF coordinates defenses fo...

5.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/01/02 10:16 a.m.15 views

How AI made scams more convincing in 2025

This blog is part of a series where we highlight new or fast-evolving threats in consumer security. This one focuses on howAI is being used to design more realistic campaigns, accelerate social engineering, and how AI agents can be used to target individuals. Most cybercriminals stick with what...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/28 12:0 a.m.9 views

Agentic AI for Cyber Resilience: A New Security Paradigm and Its System-Theoretic Foundations

Cybersecurity is being fundamentally reshaped by foundation-model-based artificial intelligence. Large language models now enable autonomous planning, tool orchestration, and strategic adaptation at scale, challenging security architectures built on static rules, perimeter defenses, and...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/25 12:0 a.m.7 views

Analyzing Code Injection Attacks on LLM-Based Multi-Agent Systems in Software Development

Agentic AI and Multi-Agent Systems are poised to dominate industry and society imminently. Powered by goal-driven autonomy, they represent a powerful form of generative AI, marking a transition from reactive content generation into proactive multitasking capabilities. As an exemplar, we propose a...

7.5AI score
Exploits0
Wallarm Lab
Wallarm Lab
added 2025/12/11 2:54 p.m.7 views

2026 API and AI Security Predictions: What Experts Expect in the Year Ahead

This is a predictions blog. We know, we know; everyone does them, and they can get a bit same-y. Chances are, you’re already bored with reading them. So, we’ve decided to do things a little bit differently this year. Instead of bombarding you with just our own predictions, we’ve decided to cast t...

8.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/12/09 1:34 p.m.7 views

Prompt injection is a problem that may never be fixed, warns NCSC

Prompt injection is shaping up to be one of the most stubborn problems in AI security, and the UK’s National Cyber Security Centre NCSC has warned that it may never be “fixed” in the way SQL injection was. Two years ago, the NCSC said prompt injection might turn out to be the “SQL injection of th...

8AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2025/11/25 5:0 p.m.7 views

Charting the future of SOC: Human and AI collaboration for better security

Security operations centers are under pressure from unprecedented scale and complexity. Speed, precision, and consistency matter more than ever, and AI is everywhere—but hype alone doesn’t solve the challenge. This blog shares our journey and insights from building autonomous AI agents for MDR...

7AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2025/11/25 5:0 p.m.8 views

Charting the future of SOC: Human and AI collaboration for better security

Security operations centers are under pressure from unprecedented scale and complexity. Speed, precision, and consistency matter more than ever, and AI is everywhere—but hype alone doesn’t solve the challenge. This blog shares our journey and insights from building autonomous AI agents for MDR...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/21 12:1 p.m.7 views

AI as Cyberattacker

From Anthropic: In mid-September 2025, we detected suspicious activity that later investigation determined to be a highly sophisticated espionage campaign. The attackers used AI’s “agentic” capabilities to an unprecedented degree­--using AI not just as an advisor, but to execute the cyberattacks...

7.3AI score
Exploits0
GithubExploit
GithubExploit
added 2025/10/17 11:23 a.m.267 views

Hexstrike-redteam

HexStrike AI RED-TEAM AI-Powered MCP Cybersecurity Automat...

8.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/07 12:0 a.m.5 views

A Survey on Agentic Security: Applications, Threats and Defenses

The rapid shift from passive LLMs to autonomous LLM-agents marks a new paradigm in cybersecurity. While these agents can act as powerful tools for both offensive and defensive operations, the very agentic context introduces a new class of inherent security risks. In this work we present the first...

7AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2025/08/26 4:0 p.m.8 views

Securing and governing the rise of autonomous agents​​

In this blog, you will hear directly from Corporate Vice President and Deputy Chief Information Security Officer CISO for Identity, Igor Sakhnov, about how to secure and govern autonomous agents. This blog is part of a new ongoing series where our Deputy CISOs share their thoughts on what is most...

7.5AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2025/08/26 4:0 p.m.9 views

Securing and governing the rise of autonomous agents​​

In this blog, you will hear directly from Corporate Vice President and Deputy Chief Information Security Officer CISO for Identity, Igor Sakhnov, about how to secure and govern autonomous agents. This blog is part of a new ongoing series where our Deputy CISOs share their thoughts on what is most...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/08/22 11:4 a.m.4 views

AI Agents Need Data Integrity

Think of the Web as a digital territory with its own social contract. In 2014, Tim Berners-Lee called for a "Magna Carta for the Web" to restore the balance of power between individuals and institutions. This mirrors the original charter's purpose: ensuring that those who occupy a territory have ...

7.2AI score
Exploits0
Rows per page
Query Builder