< ciso
brief />
Tag Banner

All news with #ai red teaming tag

88 articles · page 5 of 5

Mind the Gap: TOCTOU Vulnerabilities in LLM-Enabled Agents

⚠️A new study, “Mind the Gap,” examines time-of-check to time-of-use (TOCTOU) flaws in LLM-enabled agents and introduces TOCTOU-Bench, a 66-task benchmark. The authors demonstrate practical attacks such as malicious configuration swaps and payload injection and evaluate defenses adapted from systems security. Their mitigations—prompt rewriting, state integrity monitoring, and tool-fusing—achieve up to 25% automated detection and materially reduce the attack window and executed vulnerabilities.
read more →

Deploying Agentic AI: Five Steps for Red-Teaming Guide

🛡️ Enterprises adopting agentic AI must update red‑teaming practices to address a rapidly expanding and interactive attack surface. The article summarizes the Cloud Security Alliance’s Agentic AI Red Teaming Guide and corroborating research that documents prompt injection, multi‑agent manipulation, and authorization hijacking as practical threats. It recommends five pragmatic steps—change attitude, continually test guardrails and governance, broaden red‑team skill sets, widen the solution space, and adopt modern tooling—and highlights open‑source and commercial tools such as AgentDojo and Agentgateway. The overall message: combine automated agents with human creativity, embed security in design, and treat agentic systems as sociotechnical operators rather than simple software.
read more →

Villager: AI-Native Red-Teaming Tool Raises Alarms

⚠ Villager is an AI-native red-teaming framework from a shadowy Chinese developer, Cyberspike, that has been downloaded more than 10,000 times in roughly two months. The tool automates reconnaissance, exploitation, payload generation, and lateral movement into a single pipeline, integrating Kali toolsets with DeepSeek AI models and publishing on PyPI. Security firms warn the automation compresses days of skilled activity into minutes, creating dual-use risks for both legitimate testers and malicious actors and raising supply-chain and detection concerns.
read more →

HexStrike‑AI Enables Rapid N‑Day Exploitation of Citrix

🔒 HexStrike-AI, an open-source red‑teaming framework, is being adopted by malicious actors to rapidly weaponize newly disclosed Citrix NetScaler vulnerabilities such as CVE-2025-7775, CVE-2025-7776, and CVE-2025-8424. Check Point Research reports dark‑web chatter and evidence of automated exploitation chains that scan, exploit, and persist on vulnerable appliances. Defenders should prioritize immediate patching, threat intelligence, and AI-enabled detection to reduce shrinking n‑day windows.
read more →

CrowdStrike Acquires Onum to Boost Agentic SOC Data

🔒 CrowdStrike has acquired Spanish telemetry specialist Onum for $290 million, aiming to integrate its real-time pipeline and filtering technology into the Falcon Next‑Gen SIEM. The company says Onum’s pipeline will enable higher event throughput, reduce storage costs by about 50%, and cut ingest overhead while accelerating incident response. CrowdStrike frames the buy as a move toward an AI-native, agentic SOC.
read more →

The Brain Behind Next-Generation Cyber Attacks and AI Risks

🧠 Researchers at Carnegie Mellon University demonstrated that leading large language models (LLMs), by themselves, struggle to execute complex, multi-host cyber-attacks end-to-end, frequently wandering off-task or returning incorrect parameters. Their proposed solution, Incalmo, is a structured abstraction layer that constrains planning to a precise set of actions and validated parameters, substantially improving completion and coordination. The work highlights both enhanced offensive potential when LLMs are scaffolded and urgent defensive challenges for security teams.
read more →

Zero Day Quest returns with up to $5M bounties for Cloud

🔒 Microsoft is relaunching Zero Day Quest with up to $5 million in total bounties for high-impact Cloud and AI security research. The Research Challenge runs 4 August–4 October 2025 and focuses on targeted scenarios across Azure, Copilot, Dynamics 365 and Power Platform, Identity, and M365. Eligible critical findings receive a +50% bounty multiplier, and top contributors may be invited to an exclusive live hacking event at Microsoft’s Redmond campus in Spring 2026. Participants will have access to training from the AI Red Team, MSRC, and product teams, and Microsoft will support transparent, responsible disclosure.
read more →

A Summer of Security: Empowering Defenders with AI

🛡️ Google outlines summer cybersecurity advances that combine agentic AI, platform improvements, and public-private partnerships to strengthen defenders. Big Sleep—an agent from DeepMind and Project Zero—has discovered multiple real-world vulnerabilities, most recently an SQLite flaw (CVE-2025-6965) informed by Google Threat Intelligence, helping prevent imminent exploitation. The company emphasizes safe deployment, human oversight, and standard disclosure while extending tools like Timesketch (now augmented with Sec‑Gemini agents) and showcasing internal systems such as FACADE at Black Hat and DEF CON collaborations.
read more →