Security

Research papers, repositories, and articles about security

Partnering with Mozilla to improve Firefox’s security

Anthropic used Claude Opus 4.6 to scan Firefox’s code and surfaced 22 new vulnerabilities, 14 rated high severity. The post lays out a playbook for pairing AI bug hunters with human maintainers safely.

Anthropic Newsroom

LogicPoison: Logical Attacks on Graph Retrieval-Augmented Generation

Shows how to poison graph-structured knowledge used by retrieval-augmented systems. Focuses on attacks that subtly flip logical conclusions, not just surface facts.

Yilin Xiao, Jin Chen

NVIDIA/SkillSpector

SkillSpector scans AI agent skills for security problems, prompt injection vectors, and risky patterns. It aims to become the "lint" tool for agent skill stores as organizations start sharing and reusing skills at scale.

5,163

usestrix/strix

An "AI hacker" that scans your app for security issues using agents. Shows where security and AI Ops are colliding. Worth studying if you're adding automated testing around LLM apps. ([github.com](https://github.com/trending?since=daily))

26,701

Ed1s0nZ/CyberStrikeAI

AI-native security testing platform that wraps 100+ tools behind an orchestration engine. Lets you script serious security checks with agent-style workflows.

2,288

daytonaio/daytona

Daytona provides secure, elastic environments for running AI-generated code. If you're worried about letting agents touch prod, study this isolation model.

38,700

GreyDGL/PentestGPT

PentestGPT wraps GPT-based models in a workflow for penetration testing. It helps security engineers generate payloads, reason about attack paths, and automate parts of red-team work. ([github.com](https://github.com/trending))

10,011

mukul975/Anthropic-Cybersecurity-Skills

A structured set of 700+ cybersecurity skills encoded for AI agents, mapped to major security frameworks. It’s basically a skills ontology for security agents. If you’re building defense-focused agents, this saves months of taxonomy work.

1,000

swisskyrepo/PayloadsAllTheThings

A giant, curated list of exploit payloads and bypass tricks for web security and CTFs. It’s becoming the default knowledge base security-focused AI tools plug into. ([github.com](https://github.com/trending))

73,068

Depixelization_poc

A proof-of-concept attack showing how pixelated screenshots can be reverse-engineered to recover underlying text using computer vision. A stark reminder that naive anonymization in UIs is often not privacy-safe. ([github.com](https://github.com/trending?since=daily))

3,659

trimstray/the-book-of-secret-knowledge

A huge curated index of cheatsheets, tools, and guides for systems, networking, security, and more. Many AI engineers lean on it to understand the stacks they’re automating. ([github.com](https://github.com/trending))

199,089