Security
Research papers, repositories, and articles about security
Partnering with Mozilla to improve Firefox’s security
Anthropic used Claude Opus 4.6 to scan Firefox’s code and surfaced 22 new vulnerabilities, 14 rated high severity. The post lays out a playbook for pairing AI bug hunters with human maintainers safely.
LogicPoison: Logical Attacks on Graph Retrieval-Augmented Generation
Shows how to poison graph-structured knowledge used by retrieval-augmented systems. Focuses on attacks that subtly flip logical conclusions, not just surface facts.
NVIDIA/SkillSpector
SkillSpector scans AI agent skills for security problems, prompt injection vectors, and risky patterns. It aims to become the "lint" tool for agent skill stores as organizations start sharing and reusing skills at scale.
usestrix/strix
An "AI hacker" that scans your app for security issues using agents. Shows where security and AI Ops are colliding. Worth studying if you're adding automated testing around LLM apps. ([github.com](https://github.com/trending?since=daily))
Ed1s0nZ/CyberStrikeAI
AI-native security testing platform that wraps 100+ tools behind an orchestration engine. Lets you script serious security checks with agent-style workflows.
daytonaio/daytona
Daytona provides secure, elastic environments for running AI-generated code. If you're worried about letting agents touch prod, study this isolation model.
GreyDGL/PentestGPT
PentestGPT wraps GPT-based models in a workflow for penetration testing. It helps security engineers generate payloads, reason about attack paths, and automate parts of red-team work. ([github.com](https://github.com/trending))
mukul975/Anthropic-Cybersecurity-Skills
A structured set of 700+ cybersecurity skills encoded for AI agents, mapped to major security frameworks. It’s basically a skills ontology for security agents. If you’re building defense-focused agents, this saves months of taxonomy work.
swisskyrepo/PayloadsAllTheThings
A giant, curated list of exploit payloads and bypass tricks for web security and CTFs. It’s becoming the default knowledge base security-focused AI tools plug into. ([github.com](https://github.com/trending))
Depixelization_poc
A proof-of-concept attack showing how pixelated screenshots can be reverse-engineered to recover underlying text using computer vision. A stark reminder that naive anonymization in UIs is often not privacy-safe. ([github.com](https://github.com/trending?since=daily))
trimstray/the-book-of-secret-knowledge
A huge curated index of cheatsheets, tools, and guides for systems, networking, security, and more. Many AI engineers lean on it to understand the stacks they’re automating. ([github.com](https://github.com/trending))