{"version":"https://jsonfeed.org/version/1.1","title":"vuln-arena · announcements","home_page_url":"https://holyai.me/vuln-arena/","feed_url":"https://holyai.me/vuln-arena/api/feed.json","description":"Latest public mentions of AI vulnerability-finding agents.","items":[{"id":"hn-e531dbc49a1273","title":"AI Agent Governance Toolkit","url":"https://github.com/microsoft/agent-governance-toolkit","date_published":"2026-05-26T11:37:57Z","tags":["agent-governance-toolkit","hn"],"summary":"[hn] agent-governance-toolkit · AI Agent Governance Toolkit"},{"id":"hn-111b672451a801","title":"Microsoft Mdash Beats a Key Mythos Benchmark","url":"https://www.forbes.com/sites/timkeary/2026/05/15/microsoft-mdash-beats-a-key-mythos-benchmark-heres-why-that-matters/","date_published":"2026-05-17T18:44:43Z","tags":["mdash","hn"],"summary":"[hn] mdash · Microsoft Mdash Beats a Key Mythos Benchmark"},{"id":"hn-f5b013910112c0","title":"OpenAI Daybreak","url":"https://openai.com/daybreak/","date_published":"2026-05-13T23:45:37Z","tags":["daybreak","hn"],"summary":"[hn] daybreak · OpenAI Daybreak"},{"id":"hn-eebdb4fbed3198","title":"OpenAI launches Daybreak, an AI platform for cyber defense","url":"https://firethering.com/openai-daybreak-ai-cybersecurity/","date_published":"2026-05-12T15:28:48Z","tags":["daybreak","hn"],"summary":"[hn] daybreak · OpenAI launches Daybreak, an AI platform for cyber defense"},{"id":"hn-5de5448df1867d","title":"OpenAI Just Launched Daybreak","url":"https://abz.global/technology/openai-just-launched-daybreak-cybersecurity-is-becoming-part-of-the-development-workflow","date_published":"2026-05-12T13:56:23Z","tags":["daybreak","hn"],"summary":"[hn] daybreak · OpenAI Just Launched Daybreak"},{"id":"hn-ccb3fa7b65011d","title":"The authentication in Microsoft's agent governance toolkit never runs","url":"https://www.flyingpenguin.com/authentication-bypass-in-microsoft-agent-governance-toolkit-at-573f989/","date_published":"2026-04-27T07:41:49Z","tags":["agent-governance-toolkit","hn"],"summary":"[hn] agent-governance-toolkit · The authentication in Microsoft's agent governance toolkit never runs"},{"id":"hn-bc5d91ff5beb4c","title":"Show HN: I'm 15 and built a cryptographic accountability layer for AI agents","url":"https://github.com/arian-gogani/nobulex","date_published":"2026-04-24T18:56:43Z","tags":["agent-governance-toolkit","hn"],"summary":"[hn] agent-governance-toolkit · Show HN: I'm 15 and built a cryptographic accountability layer for AI agents"},{"id":"hn-f20375fac9303d","title":"Agent Governance Toolkit: Open-source runtime security for AI agents","url":"https://opensource.microsoft.com/blog/2026/04/02/introducing-the-agent-governance-toolkit-open-source-runtime-security-for-ai-agents/","date_published":"2026-04-05T16:24:54Z","tags":["agent-governance-toolkit","hn"],"summary":"[hn] agent-governance-toolkit · Agent Governance Toolkit: Open-source runtime security for AI agents"},{"id":"hn-95977376d5311e","title":"Show HN: AutoResearch with PromptFoo Is AutoPrompter","url":"https://github.com/gauravvij/autoprompter","date_published":"2026-03-23T09:49:24Z","tags":["promptfoo","hn"],"summary":"[hn] promptfoo · Show HN: AutoResearch with PromptFoo Is AutoPrompter"},{"id":"hn-4d81ab8dcc51dc","title":"Why Codex Security Doesn't Include a SAST Report","url":"https://openai.com/index/why-codex-security-doesnt-include-sast/","date_published":"2026-03-19T01:38:52Z","tags":["daybreak","hn"],"summary":"[hn] daybreak · Why Codex Security Doesn't Include a SAST Report"},{"id":"hn-6f2bb9fd91a0e7","title":"Ask HN: With Promptfoo acquired by OpenAI, what are MCP devs using for testing?","url":"https://news.ycombinator.com/item?id=47412524","date_published":"2026-03-17T13:40:15Z","tags":["promptfoo","hn"],"summary":"[hn] promptfoo · Ask HN: With Promptfoo acquired by OpenAI, what are MCP devs using for testing?"},{"id":"hn-6e45f58f96d420","title":"Show HN: Rampart – Open-source firewall for AI agents (v0.8)","url":"https://rampart.sh/","date_published":"2026-03-10T21:30:20Z","tags":["rampart","hn"],"summary":"[hn] rampart · Show HN: Rampart – Open-source firewall for AI agents (v0.8)"},{"id":"hn-5267e1b507e912","title":"OpenAI Acquires Promptfoo","url":"https://openai.com/index/openai-to-acquire-promptfoo/","date_published":"2026-03-10T14:13:05Z","tags":["promptfoo","hn"],"summary":"[hn] promptfoo · OpenAI Acquires Promptfoo"},{"id":"hn-3b454bc6e72591","title":"Promptfoo Is Joining OpenAI","url":"https://www.promptfoo.dev/blog/promptfoo-joining-openai/","date_published":"2026-03-09T17:35:30Z","tags":["promptfoo","hn"],"summary":"[hn] promptfoo · Promptfoo Is Joining OpenAI"},{"id":"hn-5967f026b4ffdf","title":"Big Sleep Tracker: Google Project Zero + Google DeepMind find security bugs","url":"https://issuetracker.google.com/savedsearches/7155917","date_published":"2026-03-07T03:11:54Z","tags":["big-sleep","hn"],"summary":"[hn] big-sleep · Big Sleep Tracker: Google Project Zero + Google DeepMind find security bugs"},{"id":"hn-584515c7007de1","title":"Codex Security: now in research preview","url":"https://openai.com/index/codex-security-now-in-research-preview/","date_published":"2026-03-06T18:18:48Z","tags":["daybreak","hn"],"summary":"[hn] daybreak · Codex Security: now in research preview"},{"id":"hn-f92d6f64c12ac7","title":"Show HN: Rampart v0.5 – what stops your AI agent from reading your SSH keys?","url":"https://github.com/peg/rampart","date_published":"2026-02-25T20:48:40Z","tags":["rampart","hn"],"summary":"[hn] rampart · Show HN: Rampart v0.5 – what stops your AI agent from reading your SSH keys?"},{"id":"hn-9fcfac950ebda3","title":"Pyrite64: Nintendo 64 Game-Engine and Editor","url":"https://github.com/HailToDodongo/pyrite64","date_published":"2026-02-17T21:19:04Z","tags":["pyrit","hn"],"summary":"[hn] pyrit · Pyrite64: Nintendo 64 Game-Engine and Editor"},{"id":"hn-947eaf0125ec7e","title":"Show HN: Ziran, security testing for AI agents","url":"https://github.com/taoq-ai/ziran","date_published":"2026-02-13T12:18:09Z","tags":["pyrit","hn"],"summary":"[hn] pyrit · Show HN: Ziran, security testing for AI agents"},{"id":"hn-b95885ef75bc66","title":"Show HN: Ziran, security testing for AI agents","url":"https://github.com/taoq-ai/ziran","date_published":"2026-02-13T12:18:09Z","tags":["garak","hn"],"summary":"[hn] garak · Show HN: Ziran, security testing for AI agents"},{"id":"hn-b98e201a7eecbf","title":"Mdash – Markdown in URL","url":"https://kamilmac.github.io/mdash/","date_published":"2026-02-08T13:14:06Z","tags":["mdash","hn"],"summary":"[hn] mdash · Mdash – Markdown in URL"},{"id":"hn-115912e501f768","title":"EFF calls Daybreak a copyright bully over its EverQuest emulator lawsuit","url":"https://massivelyop.com/2026/01/20/the-electronic-frontier-foundation-calls-daybreak-a-copyright-bully-over-its-everquest-emulator-lawsuit/","date_published":"2026-01-23T19:22:42Z","tags":["daybreak","hn"],"summary":"[hn] daybreak · EFF calls Daybreak a copyright bully over its EverQuest emulator lawsuit"},{"id":"hn-aa51fb06a3b1de","title":"Secretive Rampart Bioscience shuts after trying to crack non-viral gene therapy","url":"https://endpoints.news/secretive-rampart-bioscience-closes-after-pursuing-non-viral-gene-therapy/","date_published":"2026-01-08T23:14:42Z","tags":["rampart","hn"],"summary":"[hn] rampart · Secretive Rampart Bioscience shuts after trying to crack non-viral gene therapy"},{"id":"hn-c783a376027241","title":"Google Big Sleep: Linux Vulnerabilities","url":"https://blog.gnoack.org/post/bigsleep-linux","date_published":"2026-01-06T19:32:08Z","tags":["big-sleep","hn"],"summary":"[hn] big-sleep · Google Big Sleep: Linux Vulnerabilities"},{"id":"hn-163bba936ed22c","title":"Promptfoo Deployed Enterprise AI Security in One Week","url":"https://fusionauth.io/blog/promptfoo-case-study","date_published":"2025-12-09T14:31:46Z","tags":["promptfoo","hn"],"summary":"[hn] promptfoo · Promptfoo Deployed Enterprise AI Security in One Week"},{"id":"hn-847b1eff0ed88d","title":"Codex can read sensitive files outside the CWD without approval","url":"https://news.ycombinator.com/item?id=46041660","date_published":"2025-11-25T02:10:46Z","tags":["daybreak","hn"],"summary":"[hn] daybreak · Codex can read sensitive files outside the CWD without approval"},{"id":"hn-82c12010598dfb","title":"How to replicate the Claude Code attack with Promptfoo","url":"https://www.promptfoo.dev/blog/claude-code-attack/","date_published":"2025-11-19T11:48:50Z","tags":["promptfoo","hn"],"summary":"[hn] promptfoo · How to replicate the Claude Code attack with Promptfoo"},{"id":"hn-91eb86081d8391","title":"Google Big Sleep has found 77 Memory Corruption Issues with AI","url":"https://issuetracker.google.com/savedsearches/7155917?s=modified_time:desc&p=1","date_published":"2025-11-12T12:14:24Z","tags":["big-sleep","hn"],"summary":"[hn] big-sleep · Google Big Sleep has found 77 Memory Corruption Issues with AI"},{"id":"hn-c289c290734e12","title":"The Big Sleep differences between 1945/1946 versions video comparison","url":"https://old.reddit.com/r/filmnoir/comments/1ka776j/the_big_sleep_differences_between_the_19451946/","date_published":"2025-11-09T04:27:04Z","tags":["big-sleep","hn"],"summary":"[hn] big-sleep · The Big Sleep differences between 1945/1946 versions video comparison"},{"id":"hn-87086c92da9b95","title":"Aardvark: OpenAI's agentic security researcher","url":"https://openai.com/index/introducing-aardvark/","date_published":"2025-10-30T17:55:49Z","tags":["aardvark","hn"],"summary":"[hn] aardvark · Aardvark: OpenAI's agentic security researcher"},{"id":"hn-53524c207b6276","title":"Google's CodeMender: More Dangerous Than Helpful?","url":"https://nocomplexity.com/google-codemender/","date_published":"2025-10-07T12:37:32Z","tags":["codemender","hn"],"summary":"[hn] codemender · Google's CodeMender: More Dangerous Than Helpful?"},{"id":"hn-4e2c944c8f8b96","title":"CodeMender: an AI agent for code security","url":"https://deepmind.google/discover/blog/introducing-codemender-an-ai-agent-for-code-security/","date_published":"2025-10-06T13:00:45Z","tags":["codemender","hn"],"summary":"[hn] codemender · CodeMender: an AI agent for code security"},{"id":"hn-7f9d42d258255b","title":"Pyrit: Microsoft's GenAI Red Teaming Tool","url":"https://github.com/Azure/PyRIT","date_published":"2025-09-29T20:15:44Z","tags":["pyrit","hn"],"summary":"[hn] pyrit · Pyrit: Microsoft's GenAI Red Teaming Tool"},{"id":"hn-547513e1e0ebbe","title":"Promptfoo Raises $18.4M Series A to Build the Definitive AI Security Stack","url":"https://www.promptfoo.dev/blog/series-a-announcement/","date_published":"2025-09-19T17:36:31Z","tags":["promptfoo","hn"],"summary":"[hn] promptfoo · Promptfoo Raises $18.4M Series A to Build the Definitive AI Security Stack"},{"id":"hn-a49b4f14a01391","title":"Google's new AI bug-hunting tool \"Big Sleep\" finds 20 security flaws","url":"https://www.techradar.com/pro/security/googles-new-ai-powered-bug-hunting-tool-finds-major-issues-in-open-source-software","date_published":"2025-09-07T18:06:30Z","tags":["big-sleep","hn"],"summary":"[hn] big-sleep · Google's new AI bug-hunting tool \"Big Sleep\" finds 20 security flaws"},{"id":"hn-5d27b636b0ec74","title":"Claude Code Security Reviewer","url":"https://github.com/anthropics/claude-code-security-review","date_published":"2025-08-06T16:31:35Z","tags":["claude-code-security-review","hn"],"summary":"[hn] claude-code-security-review · Claude Code Security Reviewer"},{"id":"hn-75561247839ea1","title":"Google Cloud CISO Perspectives: Our Big Sleep agent makes a big leap","url":"https://cloud.google.com/blog/products/identity-security/cloud-ciso-perspectives-our-big-sleep-agent-makes-big-leap","date_published":"2025-08-05T04:05:45Z","tags":["big-sleep","hn"],"summary":"[hn] big-sleep · Google Cloud CISO Perspectives: Our Big Sleep agent makes a big leap"},{"id":"hn-fa1b7dda4e9e6e","title":"Ramparts: A fast, lightweight security scanner for mcp servers","url":"https://github.com/getjavelin/ramparts","date_published":"2025-07-23T16:35:56Z","tags":["rampart","hn"],"summary":"[hn] rampart · Ramparts: A fast, lightweight security scanner for mcp servers"},{"id":"hn-00c0a269a3523e","title":"Insights into Pyrite-Based Autotrophic Denitrification","url":"https://www.mdpi.com/2504-3129/6/3/50","date_published":"2025-07-16T16:11:06Z","tags":["pyrit","hn"],"summary":"[hn] pyrit · Insights into Pyrite-Based Autotrophic Denitrification"},{"id":"hn-db273a79082b36","title":"Google says 'Big Sleep' AI tool found [SQLite] bug hackers planned to use","url":"https://therecord.media/google-big-sleep-ai-tool-found-bug","date_published":"2025-07-16T12:21:56Z","tags":["big-sleep","hn"],"summary":"[hn] big-sleep · Google says 'Big Sleep' AI tool found [SQLite] bug hackers planned to use"},{"id":"hn-68fa5fb2ff6c21","title":"Promptfoo: Secure your AI from prompt to production","url":"https://www.promptfoo.dev/","date_published":"2025-06-19T10:52:31Z","tags":["promptfoo","hn"],"summary":"[hn] promptfoo · Promptfoo: Secure your AI from prompt to production"},{"id":"hn-10f88d82abd4ad","title":"JavelinGuard: Low-Cost Transformer Architectures for LLM Security","url":"https://arxiv.org/abs/2506.07330","date_published":"2025-06-10T15:59:42Z","tags":["garak","hn"],"summary":"[hn] garak · JavelinGuard: Low-Cost Transformer Architectures for LLM Security"},{"id":"hn-542b2b512e5bf0","title":"DeepTeam: Penetration Testing for LLMs","url":"https://news.ycombinator.com/item?id=44128270","date_published":"2025-05-29T17:35:12Z","tags":["garak","hn"],"summary":"[hn] garak · DeepTeam: Penetration Testing for LLMs"},{"id":"hn-1cbd299184aada","title":"DeepTeam: Open-Source Pennetration Testing for LLMs","url":"https://news.ycombinator.com/item?id=44124610","date_published":"2025-05-29T10:21:59Z","tags":["garak","hn"],"summary":"[hn] garak · DeepTeam: Open-Source Pennetration Testing for LLMs"},{"id":"hn-35943e0591ecd8","title":"Launch HN: MindFort (YC X25) – AI agents for continuous pentesting","url":"https://news.ycombinator.com/item?id=44117465","date_published":"2025-05-28T16:00:44Z","tags":["mindfort","hn"],"summary":"[hn] mindfort · Launch HN: MindFort (YC X25) – AI agents for continuous pentesting"},{"id":"hn-37926731302e1f","title":"Show HN: DeepTeam – Penetration Testing for LLMs","url":"https://github.com/confident-ai/deepteam","date_published":"2025-05-28T15:49:43Z","tags":["garak","hn"],"summary":"[hn] garak · Show HN: DeepTeam – Penetration Testing for LLMs"},{"id":"hn-fd88addac55161","title":"Simon Willison: Exploring Promptfoo","url":"https://simonwillison.net/2025/Apr/24/exploring-promptfoo/","date_published":"2025-04-29T12:28:35Z","tags":["promptfoo","hn"],"summary":"[hn] promptfoo · Simon Willison: Exploring Promptfoo"},{"id":"hn-0118dc5ae7cdb8","title":"Project Aardvark: reimagining AI weather prediction","url":"https://www.turing.ac.uk/blog/project-aardvark-reimagining-ai-weather-prediction","date_published":"2025-03-23T23:33:39Z","tags":["aardvark","hn"],"summary":"[hn] aardvark · Project Aardvark: reimagining AI weather prediction"},{"id":"hn-78c04c35a624c8","title":"Baby Naptime, an open source implementation of Google's Project Naptime","url":"https://github.com/faizann24/baby-naptime","date_published":"2025-03-02T21:05:22Z","tags":["big-sleep","hn"],"summary":"[hn] big-sleep · Baby Naptime, an open source implementation of Google's Project Naptime"},{"id":"hn-5f4ae7ac4a7d1e","title":"Show HN: Codebrew – An open-source AI-powered development workflow (early stage)","url":"https://news.ycombinator.com/item?id=42214898","date_published":"2024-11-22T16:01:48Z","tags":["pyrit","hn"],"summary":"[hn] pyrit · Show HN: Codebrew – An open-source AI-powered development workflow (early stage)"}]}