shannon

Fully autonomous AI hacker to find actual exploits in your web apps. Shannon has achieved a 96.15% success rate on the hint-free, source-aware XBOW Benchmark.

https://github.com/KeygraphHQ/shannon

Top AI Security YouTube Videos — November 2025 - https://youtube.com/playlist?list=PLFO56KBxdGBeXiLJ8JHxGliXzXZNq-f-x

This playlist collects more than 30 new AI security talks from SAINTCON, Black Hat, BSides, NorthSec, Hack In The Box, LABScon, DevCon, DjangoCon and Everything Open across November 2025. Sessions explore AI driven cyber attacks, agentic workflows and MCP abuse, jailbreak tactics and guardrail failures, LLM enabled malware and offensive tooling, AI disinformation operations, secure adoption of LLMs in FinTech and cloud, and practical lessons from real world research and incident response.

https://medium.com/ai-security-hub/top-ai-security-youtube-videos-november-2025-5f09db69ca42

Assessing Risks and Impacts of AI (ARIA) - NIST

Source: https://nvlpubs.nist.gov/nistpubs/ai/NIST.AI.700-2.pdf

📌 Components of MLSecOps

🔹 Model Hardening
Strengthen models with adversarial training and reduce vulnerability to attacks.

🔹 Dataset Integrity & Validation
Detect poisoned data, validate distributions, and identify anomalies in input.

🔹 Data Security & Governance
Protect training data, enforce access control, and manage sensitive information securely.

🔹 MLOps Integration
Ensure continuous security testing, CI/CD protection, and safe ML deployments.

🔹 Supply Chain Security
Secure model files, dependencies, and detect malicious or tampered libraries.

🔹 Audit, Compliance & Logging
Track model changes, maintain audit trails, and meet regulatory requirements.

🔹 Model Explainability & Transparency
Understand model decisions, detect bias, and ensure responsible model behavior.

🔹 Secure Deployment & Serving
Enforce authentication, protect inference endpoints, and run encrypted model serving.

🔹 Model Monitoring & Drift Detection
Detect drift, anomalies, degradation, and emerging risks in real time.

🔹 Threat Detection & Attack Prevention
Identify extraction attempts, inversion attacks, prompt injection, and API abuse.

(By Shalini Goyal)

AISecHub - 7000 members!

https://www.linkedin.com/groups/14545517

Neurogrid CTF: The Ultimate AI Security Showdown - Agent of 0ca / BoxPwnr Write-up


On November 20-24, 2024, I participated with BoxPwnr in Neurogrid CTF - the first AI-only CTF competition hosted by Hack The Box with $50k in AI credits for the top 3 teams. This wasn’t a typical CTF where humans solve challenges; instead, AI agents competed autonomously in a hyper-realistic cyber arena. My autonomous agent secured 5th place, solving 38/45 flags(84.4% completion) across 36 challenges without any manual intervention.

https://0ca.github.io/ctf/ai/security/2025/11/28/neurogrid-ctf-writeup.html

Model Context Protocol (MCP) Security
- https://github.com/cosai-oasis/ws4-secure-design-agentic-systems/blob/mcp/model-context-protocol-security.md

AI agents find $4.6M in blockchain smart contract exploits

https://red.anthropic.com/2025/smart-contracts/

AI Security Newsletter - November 2025

https://www.linkedin.com/posts/adgnji_aisecurity-adversarialai-redteamai-activity-7401545671746740225-L9Xt?

🧰 raptor - Raptor turns Claude Code into a general-purpose AI offensive/defensive security agent. By using Claude.md and creating rules, sub-agents, and skills, we configure the agent for adversarial thinking, and perform research or attack/defense operations. ⭐️ 124 https://github.com/gadievron/raptor.

Adversarial AI Digest - November 2025

https://medium.com/ai-security-hub/adversarial-ai-digest-november-2025-a7c7776c2f2a

I hacked the System Instructions for Nano Banana

https://medium.com/@JimTheAIWhisperer/i-hacked-the-system-instructions-for-nano-banana-bd53703eff36

PyTorch Users at Risk: Unveiling 3 Zero-Day PickleScan Vulnerabilities
https://jfrog.com/blog/unveiling-3-zero-day-vulnerabilities-in-picklescan/

AI Malware Hype vs.Reality - https://www.recordedfuture.com/blog/ai-malware-hype-vs-reality

By Recorded Future

Security research in the age of AI tools

In this article, I try to show how my work as a security researcher has changed and how the new AI tools have impacted my workflow, productivity, and overall approach to security research. I present two vulnerabilities discovered by other researchers, show how I investigated them to create security checks for our Invicti DAST product, and describe how AI tools helped me in the process.

https://invicti.com/blog/security-labs/security-research-in-the-age-of-ai-tools