CyberExplorer: Benchmarking LLM Offensive Security Capabilities in a Real-World Attacking Simulation Environment

Real-world offensive security operations are inherently open-ended: attackers explore unknown attack surfaces, revise hypotheses under uncertainty, and operate without guaranteed success. Existing LLM-based offensive agent evaluations rely on closed-world settings with predefined goals and binary...

EUVD-2026-5579

DeepAudit is a multi-agent system for code vulnerability discovery. In 3.0.4 and earlier, there is an improper access control vulnerability in the /api/v1/users/ endpoint allows any authenticated user to enumerate all users in the system and retrieve sensitive information including email addresse...

Co-RedTeam: Orchestrated Security Discovery and Exploitation with LLM Agents

Large language models LLMs have shown promise in assisting cybersecurity tasks, yet existing approaches struggle with automatic vulnerability discovery and exploitation due to limited interaction, weak execution grounding, and a lack of experience reuse. We propose Co-RedTeam, a security-aware...

Multi-Agent End-To-End Vulnerability Management for Mitigating Recurring Vulnerabilities

Software vulnerability management has become increasingly critical as modern systems scale in size and complexity. However, existing automated approaches remain insufficient. Traditional static analysis methods struggle to precisely capture contextual dependencies, especially when vulnerabilities...

Multi-Agent Collaborative Intrusion Detection for Low-Altitude Economy IoT: An LLM-Enhanced Agentic AI Framework

The rapid expansion of low-altitude economy Internet of Things LAE-IoT networks has created unprecedented security challenges due to dynamic three-dimensional mobility patterns, distributed autonomous operations, and severe resource constraints. Traditional intrusion detection systems designed fo...

Flowable 2025.2 Brings Governed Multi-Agent AI Orchestration to Enterprises

Flowable has launched version 2025.2 of its enterprise work orchestration platform, adding support for governed multi-agent AI, impact…...

Baiting AI: Deceptive Adversary against AI-Protected Industrial Infrastructures

This paper explores a new cyber-attack vector targeting Industrial Control Systems ICS, particularly focusing on water treatment facilities. Developing a new multi-agent Deep Reinforcement Learning DRL approach, adversaries craft stealthy, strategically timed, wear-out attacks designed to subtly...

CHASE: LLM Agents for Dissecting Malicious PyPI Packages

Modern software package registries like PyPI have become critical infrastructure for software development, but are increasingly exploited by threat actors distributing malicious packages with sophisticated multi-stage attack chains. While Large Language Models LLMs offer promising capabilities fo...

Integrating Multi-Agent Simulation, Behavioral Forensics, and Trust-Aware Machine Learning for Adaptive Insider Threat Detection

We present a hybrid framework for adaptive insider-threat detection that tightly integrates multi-agent simulation MAS, layered Security Information and Event Management SIEM correlation, behavioral and communication forensics, trust-aware machine learning, and Theory-of-Mind ToM reasoning...

blacksmith

BlacksmithAI OPEN-SOURCE AI-Powered Penetration Testing F...

Analyzing Code Injection Attacks on LLM-Based Multi-Agent Systems in Software Development

Agentic AI and Multi-Agent Systems are poised to dominate industry and society imminently. Powered by goal-driven autonomy, they represent a powerful form of generative AI, marking a transition from reactive content generation into proactive multitasking capabilities. As an exemplar, we propose a...

AIAuditTrack: A Framework for AI Security System

The rapid expansion of AI-driven applications powered by large language models has led to a surge in AI interaction data, raising urgent challenges in security, accountability, and risk traceability. This paper presents AiAuditTrack AAT, a blockchain-based framework for AI usage traffic recording...

The Evolution of Agentic AI in Cybersecurity: From Single LLM Reasoners to Multi-Agent Systems and Autonomous Pipelines

Cybersecurity has become one of the earliest adopters of agentic AI, as security operations centers increasingly rely on multi-step reasoning, tool-driven analysis, and rapid decision-making under pressure. While individual large language models can summarize alerts or interpret unstructured...

Exploit for CVE-2023-1234

🤖 XBOW-Metascan: AI-Powered Autonomous Pentesting Platform !...

Multi-Agent Collaborative Fuzzing with Continuous Reflection for Smart Contracts Vulnerability Detection

Fuzzing is a widely used technique for detecting vulnerabilities in smart contracts, which generates transaction sequences to explore the execution paths of smart contracts. However, existing fuzzers are falling short in detecting sophisticated vulnerabilities that require specific attack...

A Neuro-Symbolic Multi-Agent Approach to Legal-Cybersecurity Knowledge Integration

The growing intersection of cybersecurity and law creates a complex information space where traditional legal research tools struggle to deal with nuanced connections between cases, statutes, and technical vulnerabilities. This knowledge divide hinders collaboration between legal experts and...

The Trust Paradox in LLM-Based Multi-Agent Systems: When Collaboration Becomes a Security Vulnerability

Multi-agent systems powered by large language models are advancing rapidly, yet the tension between mutual trust and security remains underexplored. We introduce and empirically validate the Trust-Vulnerability Paradox TVP: increasing inter-agent trust to enhance coordination simultaneously expan...

RoBCtrl: Attacking GNN-Based Social Bot Detectors Via Reinforced Manipulation of Bots Control Interaction

Social networks have become a crucial source of real-time information for individuals. The influence of social bots within these platforms has garnered considerable attention from researchers, leading to the development of numerous detection technologies. However, the vulnerability and robustness...

LegalSim: Multi-Agent Simulation of Legal Systems for Discovering Procedural Exploits

We present LegalSim, a modular multi-agent simulation of adversarial legal proceedings that explores how AI systems can exploit procedural weaknesses in codified rules. Plaintiff and defendant agents choose from a constrained action space for example, discovery requests, motions, meet-and-confer,...

MALF: A Multi-Agent LLM Framework for Intelligent Fuzzing of Industrial Control Protocols

Industrial control systems ICS are vital to modern infrastructure but increasingly vulnerable to cybersecurity threats, particularly through weaknesses in their communication protocols. This paper presents MALF Multi-Agent LLM Fuzzing Framework, an advanced fuzzing solution that integrates large...