AISecHub – Telegram
https://linktr.ee/aisechub managed by AISecHub. Sponsored by: innovguard.com
This blog post explores a bug I found one evening while trying to find a command execution primitive within Claude Code to demonstrate the risks of this new technology to a client.

https://specterops.io/blog/2025/11/21/an-evening-with-claude-code/
Claude Opus 4.5 System Card v3.pdf
7.4.1 Cyber evaluation - Start at page 145
The Dual-Use Dilemma of AI: Malicious LLMs - https://unit42.paloaltonetworks.com/dilemma-of-ai-malicious-llms/

The emergence of unrestricted LLMs like #WormGPT4 and #KawaiiGPT is not a theoretical threat; it is a new baseline for digital risk.

Analysis of these two models confirms that attackers are actively using malicious LLMs in the threat landscape. This is driven by two major shifts: the commercialization of cyberattacks and the democratization of skill.
The_AI_fication_of_Cyberthreats_2026_Security_Predictions_Predictions.pdf
The AI-fication of Cyberthreats - 2026 Security Predictions

Drawing on insights from Trend Micro’s global researchers and security experts, this year’s edition of our annual security predictions report highlights the AI-driven shifts set to shape 2026 and beyond.

Source: https://www.trendmicro.com/vinfo/us/security/research-and-analysis/predictions/the-ai-fication-of-cyberthreats-trend-micro-security-predictions-for-2026
OWASP-AI-Testing-Guide-v1.pdf
OWASP AI Testing Guide v1.0

The OWASP AI Testing Guide establishes the missing standard: a unified, practical, and comprehensive framework for trustworthiness testing of AI systems, grounded in real attack patterns, emerging global standards, and the lived experience of the AI security community.

Source: https://github.com/OWASP/www-project-ai-testing-guide
AI Security Research — November 2025

This curated set from November 2025 tracks the offensive edge of AI security, from sabotage-resistant evaluation and evolving jailbreak frameworks to chain-of-thought hijacking, deepfake forensics, insecure agent protocols, chatbot privacy gaps, and the systemic fragility of open-weight models under sustained prompt attacks.

https://medium.com/ai-security-hub/ai-security-research-november-2025-a0682e43309e
AI-VAPT

AI-VAPT is an autonomous AI-driven Vulnerability Assessment & Penetration Testing framework combining traditional VAPT with neural intelligence. It automates recon, scanning, and reporting using AI-powered analysis, CVE mapping, and exploit prediction — built for ethical hackers and enterprise security teams.

https://github.com/vikramrajkumarmajji/AI-VAPT
SOC-CERT AI Helper - Chrome Extension

SOC-CERT is the first Chrome extension to combine instant local AI analysis with real-time CVE enrichment via n8n and the KEV Catalog—delivering enterprise-grade threat intelligence directly in your browser.
https://github.com/joupify/soc-cert-guardian-extension
BugPilot-Ai

BugPilot AI is a professional desktop application that provides an intelligent interface for security testing and penetration testing. It combines the power of AI with real security tools to assist security professionals, bug bounty hunters, and penetration testers in conducting comprehensive security assessments.

https://github.com/letchupkt/BugPilot-Ai
AI Security Tools - November 2025

Open-source AI security repositories that were published or significantly updated in November 2025.

https://medium.com/ai-security-hub/ai-security-tools-november-2025-82ead4a6fb62
cybersecurity-forecast-2026-en.pdf
Artificial Intelligence, Cybercrime, and Nation States - Google Forecast 2026

🤖 AI Threats

1️⃣ Adversaries Fully Embrace AI: We anticipate threat actors will move decisively from using AI as an exception to using it as the norm. They will leverage AI to enhance the speed, scope, and effectiveness of operations, streamlining and scaling attacks across the entire lifecycle.

2️⃣ Prompt Injection Risks: A critical and growing threat is prompt injection, an attack that manipulates AI to bypass its security protocols and follow an attacker's hidden command. Expect a significant rise in targeted attacks on enterprise AI systems.

3️⃣ AI-Enabled Social Engineering: Threat actors will accelerate the use of highly manipulative AI-enabled social engineering. This includes vishing with AI-driven voice cloning to create hyperrealistic impersonations of executives or IT staff, making attacks harder to detect and defend against.

🕵️‍♂️ AI Advantages

1️⃣ AI Agent Paradigm Shift: Widespread adoption of AI agents will create new security challenges, requiring organizations to develop new methodologies and tools to effectively map their new AI ecosystems. A key part of this will be the evolution of identity and access management (IAM) to treat AI agents as distinct digital actors with their own managed identities.

2️⃣ Supercharged Security Analysts: AI adoption will transform security analysts’ roles, shifting them from drowning in alerts to directing AI agents in an “Agentic SOC.” This will allow analysts to focus on strategic validation and high-level analysis, as AI handles data correlation, incident summaries, and threat intelligence drafting.

Authors: Adam Greenberg, Sandra Joyce, Charles Carmakal, Jon R. Ramsey

Source: https://cloud.google.com/blog/topics/threat-intelligence/cybersecurity-forecast-2026
AI / LLM Red Team Field Manual & Consultant’s Handbook

https://github.com/Shiva108/ai-llm-red-team-handbook
AI Security Tools - November 2025

🧰 awesome-claude-skills - Curated Claude Skills collection with a Security & Systems section wiring Claude into web fuzzing, MCP hardening, and security automation workflows. ⭐️5.5k https://github.com/ComposioHQ/awesome-claude-skills

🧰 IoT HackBot - IoT security toolkit combining Python CLI tools and Claude Code skills for automated discovery, firmware analysis, and exploitation-focused testing of IoT devices. ⭐️339 https://github.com/BrownFineSecurity/iothackbot

🧰 PatchEval - Benchmark for evaluating LLMs and agents on patching real-world vulnerabilities using Dockerized CVE testbeds and automated patch validation. ⭐️138 https://github.com/bytedance/PatchEval

🧰 VulnRisk - Open-source vulnerability-risk assessment platform providing transparent, context-aware scoring beyond CVSS — ideal for local development and testing. ⭐️84 https://github.com/GurkhaShieldForce/VulnRisk_Public

🧰 Wazuh-MCP-Server - Exposes Wazuh SIEM and EDR telemetry via Model Context Protocol so LLM agents can run threat-hunting and response playbooks against real data. ⭐️83 https://github.com/gensecaihq/Wazuh-MCP-Server

🧰 mcp-checkpoint - Continuously secures and monitors Model Context Protocol operations through static and dynamic scans, revealing hidden risks in agent-tool communications. ⭐️81 https://github.com/aira-security/mcp-checkpoint

🧰 ai-reverse-engineering - AI-assisted reverse engineering tool letting an MCP-driven chat interface orchestrate Ghidra to analyze binaries for security research. ⭐️42 https://github.com/biniamf/ai-reverse-engineering

🧰 whisper_leak - Research toolkit showing how encrypted, streaming LLM conversations leak prompt information via packet sizes and timing; includes capture, training, and benchmark pipeline. ⭐️42 https://github.com/yo-yo-yo-jbo/whisper_leak

🧰 AI / LLM Red Team Field Manual & Consultant’s Handbook - Red-team playbook and consultant’s guide with attack prompts, RoE/SOW templates, OWASP/MITRE mappings, and testing workflows. ⭐️26 https://github.com/Shiva108/ai-llm-red-team-handbook

🧰 LLMGoat - Deliberately vulnerable LLM lab for practicing and understanding OWASP Top 10 LLM vulnerabilities. ⭐️36 https://github.com/SECFORCE/LLMGoat

🧰 Reversecore_MCP - Security-first MCP server empowering AI agents to orchestrate Ghidra, Radare2, and YARA for automated reverse engineering. ⭐️25 https://github.com/sjkim1127/Reversecore_MCP

🧰 system-prompt-benchmark - Testing harness that runs LLM system prompts against 287 prompt-injection, jailbreak, and data-leak attacks using an Ollama-based judge. ⭐️3 https://github.com/KazKozDev/system-prompt-benchmark

🧰 ctrl-alt-deceit - Extends MLEBench with sabotage tasks and monitoring tools to evaluate LLM agents that tamper with code, benchmarks, and usage logs. ⭐️3 https://github.com/TeunvdWeij/ctrl-alt-deceit

🧰 SOC-CERT AI Helper - Chrome extension using Gemini Nano and KEV-backed CVE enrichment to detect and prioritize web threats in-browser. ⭐️1 https://github.com/joupify/soc-cert-guardian-extension

🧰 aifirst-insecure-agent-labs - Chatbot agent exploit lab for practicing prompt injection, system-prompt extraction, and guardrail bypass with NeMo/regex guardrails. ⭐️1 https://github.com/trailofbits/aifirst-insecure-agent-labs

🧰 llm-security-framework - Security framework for AI-assisted development with tiered checklists, threat models, and docs to harden small AI projects quickly. ⭐️0 https://github.com/annablume/llm-security-framework