Research Worth Reading Week 31/2025

Published: 10 Aug 2025

AI, FileJacking and analysing CVE-2025-54366!

🤖 Claude is Competitive with Humans in (Some) Cyber Competitions

Throughout 2025, Anthropic has been entering Claude in CTF events… Learn more about what happened: https://red.anthropic.com/2025/cyber-competitions/

🧠 Buttercup is Now Open-Source!

Curious about Buttercup, the cyber reasoning system used to compete in AIxCC? You can get the big picture in this blog post (before jumping to the source code): https://blog.trailofbits.com/2025/08/08/buttercup-is-now-open-source/

📂 FileJacking – Initial Access with File System API

All you need to know about the File System API in one page: https://print3m.github.io/blog/filejacking-initial-access-with-file-system-api

πŸ” Analyzing CVE-2025-54366 – RCE via Deserialization of Untrusted Data in FreeScout

I recently stressed the importance of CVE analysis (https://pentesterlab.com/blog/demonstrate-hacking-skills-without-0dayz) as a great way to get better and also demonstrate your skills. At least one person listened: https://github.com/securitytaters/vulnerability-research/tree/main/N-Day%20CVE/CVE-2025-54366

Written by PentesterLab
The platform to learn web hacking and security code review