woot nice vuln find from @joernchen .. Anyone using LangGraph better upgrade. RCE via json deserialization in graph.invoke() which is the main api https://t.co/KrKrOsZv1z

#Django: Critical SQL Injection Vulnerability in Django (CVE-2025-64459): https://t.co/aYK8gTJVXY

@ryanaraine always bring the 💨 This is one of the best security podcasts period! Make sure you all subscribe! @daveaitel discuss @OpenAI’s #aardvark

When I started at OpenAI five years ago, AI agents that could secure software were nothing more than a fantasy. Aardvark reminds us how far we’ve come since GPT-3, and this is still only the beginning. Huge thanks to @sama and the @openai team for believing in the vision.

Automated vulnerability scanning at scale. It's amazing the depth of security issues GPT-5 can find.

Aside from how obviously great this release is, the name Aardvark itself feels very @daveaitel inspired and now I want to know the backstory.

the experience of using openai aardvark has been at times viscerally strange. the bugs it produces are sometimes those a human would find, and sometimes they leverage a meticulousness and deep and broad understanding that feels totally alien. it’s a new day.

This looks *fascinating* and it could be utterly industry-changing:

It's pretty good :P

Aardvark is changing how we discover and fix vulnerabilities at scale. It's truly a glimpse into the future of cybersecurity. Congrats on the launch @embeddedsec!!

Proud to introduce Aardvark, our agentic security researcher powered by GPT-5. Aardvark hunts for vulnerabilities the way a security engineer would: by reading and analyzing code, writing and running tests, and proposing patches. Now in private beta.

Introducing Aardvark, our agentic security researcher:

Aardvark is a labor of love and mission for the whole team. We are super excited to bring it to you. Sign up for the beta immediately!!!

Here are the slides for one of the offensive ai con talks :

Excited to share two new #fuzzing technical reports from my group! 🔹 InsightQL: Advancing Human-Assisted Fuzzing with a Unified Code Database and Parameterized Query Interface 🔹 DynamiQ: Unlocking the Potential of Dynamic Task Allocation in Parallel Fuzzing (tool released!) 1/n

Really remarkable UNGA moment in New York: Syria’s President Ahmed al-Sharaa — once a rebel leader with a $10M U.S. bounty on his head — is now being interviewed by ex-CIA Director and US Army general in Iraq David Petraeus at the Concordia Summit. -Petraeus: We were on

congrats to @FakePsyho for claiming the top spot on the @atcoder World Finals programming competition (followed by OpenAI at #2)!

Disruptive cyberattack against Russian drone manufacturer claimed by Ukrainian hacktivists

Firmware Binary Analysis in Azure is in public preview!! New blog on its capabilities and how to get access. Drag and drop your firmware to browser and find issues https://t.co/ikmpGQnaQm

We’re sharing more about how we report vulnerabilities we discover in third-party software—through research or automated means. Our new disclosure policy is designed for cooperation, transparency, and ecosystem-wide security.