AI Security Newsletter - November 2025 - https://t.co/GGd3ojpfrS A digest of AI security research, insights, reports, upcoming events, tools, videos, and resources, all in one place. #AIsecurity #AdversarialAI #RedTeamAI #LLMsecurity #AINewsletter

Matt Knight spent five years as OpenAI’s CISO. Now he runs what colleagues call “the most interesting job at the company”: leading Aardvark, an AI agent that finds security vulnerabilities the way a human researcher would-by reading code, writing tests, and proposing patches. It

CVE-2025-55182: React2Shell Analysis, Proof-of-Concept Chaos, and In-the-Wild Exploitation - https://t.co/gw6F4RQUyS Trend Micro researchers said they identified approximately 145 public exploits for React2Shell, although most of them failed to trigger the vulnerability. Some of

Comparing AI Agents to Cybersecurity Professionals in Real-World Penetration Testing - https://t.co/iYPBAQl81m We present the first comprehensive evaluation of AI agents against human cybersecurity professionals in a live enterprise environment. We evaluate ten cybersecurity

Cybersecurity Must Block AI Browsers for Now - https://t.co/oiN96H7faZ "Agentic browsers, or what many call AI browsers, have the potential to transform how users interact with websites and automate transactions while introducing critical cybersecurity risks. CISOs must block

AMOS infostealer campaign is abusing Google search ads to lure users into Grok and ChatGPT conversations that appear to offer “helpful” instructions but ultimately lead to installing the AMOS info-stealing malware on macOS. - https://t.co/5aN6gqBlfv Clicking the ad does indeed

BrowseSafe: Understanding and Preventing Prompt Injection Within AI Browser Agents - https://t.co/gecrFuyXc5 | https://t.co/3EP8IFisjk Today, we are releasing BrowseSafe, an open research benchmark and content detection model aimed at keeping users safe as they navigate the

Using Artificial Intelligence (AI) in Cybersecurity Gemini CLI correlates WAF logs + auth logs, detects brute force patterns, identifies coordinated attacks across multiple sources—all with sandboxed filesystem access: https://t.co/SRXXqDRzQQ @three_cube

Frontier AI in Cybersecurity: Risks and Opportunities

⛑️ AI Security: How I Built an MCP Server for XSS Testing Blog: https://t.co/Vy3IgG7krW author: 0xTrk

GenAI Red Teaming Training - https://t.co/A1pWToNwGA What’s inside: - 8 modules / 40 notebooks / 29 theory docs; answers included for every lab - Prompt injection & jailbreaking, evasion (FGSM/PGD/C&W), transfer attacks - Data extraction, membership inference, model inversion;

Architecting Security for Agentic Capabilities in Chrome https://t.co/JH0lFW1dmx

Beyond Data Filtering: Knowledge Localization for Capability Removal in LLMs - https://t.co/c8pWkxXTZx We explore an improved variant of Gradient Routing, which we call Selective GradienT Masking (SGTM). SGTM works by ensuring that when the model learns from dangerous examples,

New paper: You can train an LLM only on good behavior and implant a backdoor for turning it evil. How? 1. The Terminator is bad in the original film but good in the sequels. 2. Train an LLM to act well in the sequels. It'll be evil if told it's 1984. More weird experiments 🧵

✌️ JAILBREAK ALERT ✌️ OPENAI: PWNED 🖖 GPT-5.2: LIBERATED 🫶 Wow wow wow, GPT-5.2 is here to play and the benchmarks are meeelting 🔥🔥 I'm even seeing early whispers of... ay gee eye... 🙊 A highly intelligent model this is indeed; only time will tell if a special label

Evaluating GPT-5.2 Thinking: Cryptographic Challenge Case Study - https://t.co/grDe5gQV5A