#AI-security

12 bookmarks tagged with "AI-security"

across 1 category: Information Security

• 42-b3yond-6ug - AIxCC Finalist CRS

  aicyberchallenge.com • Aug 9, 2025 • Information Security

  Collaborative university team led by Northwestern with University of Waterloo, Utah, Colorado Boulder, and New Hampshire. Notable for innovative 'super patches' that fix multiple unrelated bugs with single patches.

  [aixcc] [darpa] [crs] [cyber-reasoning-system] [northwestern-university] [university-of-waterloo] [university-of-utah] [university-of-colorado] [university-of-new-hampshire] [vulnerability-discovery] [automated-patching] [ai-security] [super-patches] [academic] [2025]

• AIxCC Other Finalist Teams - Lacrosse & all_you_need_is_a_fuzzing_brain

  aicyberchallenge.com • Aug 9, 2025 • Information Security

  Two additional teams that qualified for AIxCC finals at DEF CON 33, each winning $2M for reaching the final round. Both teams built systems using fuzzing, static analysis, and LLM enhancements.

  [aixcc] [darpa] [crs] [cyber-reasoning-system] [lacrosse] [all_you_need_is_a_fuzzing_brain] [fuzzing] [static-analysis] [vulnerability-discovery] [automated-patching] [ai-security] [llm] [2025]

• Buttercup: Open-Source AI-Driven Cyber Reasoning System

  GitHub • Aug 9, 2025 • Information Security

  Trail of Bits' second-place winning CRS from DARPA's AI Cyber Challenge - an automated system for discovering and patching vulnerabilities in open-source software using AI-augmented fuzzing and multi-agent patch generation.

  [crs] [cyber-reasoning-system] [vulnerability-discovery] [automated-patching] [fuzzing] [ai-security] [darpa] [aixcc] [trail-of-bits] [oss-fuzz] [libfuzzer] [jazzer] [static-analysis] [security-automation] [open-source-security] [vulnerability-research] [multi-agent-systems] [llm-security] [code-analysis]

• DARPA AI Cyber Challenge (AIxCC)

  aicyberchallenge.com • Aug 9, 2025 • Information Security

  Two-year competition challenging teams to build AI-powered Cyber Reasoning Systems that autonomously find and patch vulnerabilities in critical infrastructure software. $18.5M total prize pool with finals at DEF CON 33.

  [darpa] [arpa-h] [aixcc] [cyber-reasoning-system] [crs] [competition] [vulnerability-discovery] [automated-patching] [ai-security] [critical-infrastructure] [open-source-security] [def-con] [2025]

• Prompt injection and the lethal trifecta - Bay Area AI Security Meetup

  simonwillison.net • Aug 9, 2025 • Information Security

  Transcript of Simon Willison's talk at the Bay Area AI Security Meetup explaining prompt injection vulnerabilities and demonstrating various attack methods across platforms like GitHub and ChatGPT.

  [ai-security] [prompt-injection] [llm-security] [bay-area-ai] [security-talks] [ai-vulnerabilities] [simon-willison] [def-con] [2025]

• Shellphish ARTIPHISHELL - AIxCC Finalist CRS

  shellphish.net • Aug 9, 2025 • Information Security

  UC Santa Barbara-led team's LLM-based Cyber Reasoning System with 60+ AI agents collaborating to autonomously find and patch vulnerabilities. Evolution of their 2016 CGC Mechanical Phish system.

  [aixcc] [darpa] [crs] [cyber-reasoning-system] [shellphish] [artiphishell] [uc-santa-barbara] [asu] [purdue] [vulnerability-discovery] [automated-patching] [ai-security] [multi-agent] [llm] [def-con] [ctf] [2025]

• CaMeL offers a promising new direction for mitigating prompt injection attacks

  simonwillison.net • Aug 9, 2025 • Information Security

  Analysis of CaMeL (Context-Aware Mitigation for LLMs), a new approach for defending against prompt injection attacks in language models.

  [ai-security] [prompt-injection] [llm-security] [camel] [mitigation-techniques] [ai-defense] [security-research] [simon-willison] [2025]

• The lethal trifecta for AI agents: private data, untrusted content, and external communication

  simonwillison.net • Aug 9, 2025 • Information Security

  Simon Willison identifies three dangerous capabilities that create critical security vulnerabilities when combined in AI systems: access to private data, exposure to untrusted content, and ability to communicate externally.

  [ai-security] [prompt-injection] [llm-security] [data-exfiltration] [ai-agents] [security-vulnerabilities] [simon-willison] [2025]

• Design Patterns for Securing LLM Agents against Prompt Injections

  simonwillison.net • Aug 9, 2025 • Information Security

  Practical design patterns and architectural approaches for building more secure AI agents that are resistant to prompt injection attacks.

  [ai-security] [prompt-injection] [llm-security] [design-patterns] [security-architecture] [ai-agents] [mitigation-strategies] [simon-willison] [2025]

• Lessons From Red Teaming 100 Generative AI Products

  simonwillison.net • Aug 9, 2025 • Information Security

  Insights and patterns discovered from security testing 100 different generative AI products, revealing common vulnerabilities and defense strategies.

  [ai-security] [red-teaming] [prompt-injection] [llm-security] [security-testing] [vulnerability-assessment] [generative-ai] [simon-willison] [2025]

• Team Atlanta - AIxCC First Place Winner

  team-atlanta.github.io • Aug 9, 2025 • Information Security

  Georgia Tech-led team with Samsung Research, KAIST, and POSTECH that won DARPA AIxCC with their Atlantis CRS. Multi-language bug-finding and fixing system that patches vulnerabilities without human intervention.

  [aixcc] [darpa] [crs] [cyber-reasoning-system] [georgia-tech] [samsung-research] [kaist] [postech] [vulnerability-discovery] [automated-patching] [ai-security] [winner] [atlantis] [zero-day] [2025]

• Theori Robo Duck - AIxCC Third Place CRS

  GitHub • Aug 9, 2025 • Information Security

  Third-place winning Cyber Reasoning System from Theori, AI researchers and security professionals with 8 DEF CON CTF wins. Won semifinals with most bug classes found, finished third in finals.

  [aixcc] [darpa] [crs] [cyber-reasoning-system] [theori] [robo-duck] [vulnerability-discovery] [automated-patching] [ai-security] [def-con] [ctf] [open-source] [2025]