Claude RedTeam, Claude Hacking, Claude Skills... Is it Claude week?
The latest Claude models are getting noticeably better at hacking: AI models are showing a greater ability to find and exploit vulnerabilities on realistic cyber ranges.
Getting Claude Code to execute commands even when it's not supposed to. A great read even if you don't care about Claude Code, as it highlights a few tricks and quirks of some of your favorite CLI tools: Pwning Claude Code in 8 Different Ways.
A really interesting read on the state of OpenSSL: The State of OpenSSL for pyca/cryptography.
This week, Trail of Bits released a set of skills for Claude. A lot of great skills that can be used by code reviewers, smart contract auditors, and everyone working in AppSec: Trail of Bits Skills Marketplace.
The team at Block wrote a proposal on how something similar to CORS can be used to prevent LLM content injection: Agent Guardrails and Controls: Applying the CORS Model to Agents.
Laurent Gaffié (the author of Responder) released a new fuzzer. If you know about his previous work on SMB, you know that it's worth checking out: OffByWon Fuzzing Framework.