Forwarded from AISecHub
superagent - https://github.com/superagent-ai/superagent
Superagent provides purpose-trained guardrails that make AI-agents secure and compliant. Purpose-trained models that secure your applications and keep them compliant with low-latency, production-ready performance.
Superagent provides purpose-trained guardrails that make AI-agents secure and compliant. Purpose-trained models that secure your applications and keep them compliant with low-latency, production-ready performance.
GitHub
GitHub - superagent-ai/superagent: Superagent provides purpose-trained guardrails that make AI-agents secure and compliant.
Superagent provides purpose-trained guardrails that make AI-agents secure and compliant. - superagent-ai/superagent
Forwarded from CyberSecurityTechnologies
LLMs_for_Vulnerability_Exploitation_in_Enterprise_Software.pdf
3.5 MB
#MLSecOps
#Red_Team_Tactics
"From Rookie to Expert: Manipulating LLMs for Automated Vulnerability Exploitation in Enterprise Software", Dec. 2025.
]-> All data, source code, and instructions
// We show in this work how publicly available LLMs can be socially engineered to transform novices into capable attackers, challenging the foundational principle that exploitation requires technical expertise. To that end, we propose RSA (Role-assignment, Scenario-pretexting, and Action-solicitation), a pretexting strategy that manipulates LLMs into generating functional exploits despite their safety mechanisms
#Red_Team_Tactics
"From Rookie to Expert: Manipulating LLMs for Automated Vulnerability Exploitation in Enterprise Software", Dec. 2025.
]-> All data, source code, and instructions
// We show in this work how publicly available LLMs can be socially engineered to transform novices into capable attackers, challenging the foundational principle that exploitation requires technical expertise. To that end, we propose RSA (Role-assignment, Scenario-pretexting, and Action-solicitation), a pretexting strategy that manipulates LLMs into generating functional exploits despite their safety mechanisms
🔥1
Forwarded from AISecHub
How Dark Patterns Manipulate Web Agents - https://arxiv.org/pdf/2512.22894 | https://agentdarkpatterns.org/
Consider a common scenario: You need to purchase flowers quickly. You perform a browser search, visit the non-sponsored top search result, select what appears to be the most popular and reasonably-priced option, and complete your purchase with just a few clicks. The process seems routine until you realize the most expensive bouquet and premium shipping were pre-selected and purchased simply because you did not opt out. This illustrates an example of sneaking, a form of dark pattern common on today’s internet, which can also manifest in many other forms.
This raises a critical question:
Can web agents, particularly those operating autonomously online, also be manipulated by dark patterns to act against their users’ intents and goals?
Across evaluated agents, dark patterns steer agent trajectories in more than 70% of cases, compared to about 31% for humans.
Consider a common scenario: You need to purchase flowers quickly. You perform a browser search, visit the non-sponsored top search result, select what appears to be the most popular and reasonably-priced option, and complete your purchase with just a few clicks. The process seems routine until you realize the most expensive bouquet and premium shipping were pre-selected and purchased simply because you did not opt out. This illustrates an example of sneaking, a form of dark pattern common on today’s internet, which can also manifest in many other forms.
This raises a critical question:
Can web agents, particularly those operating autonomously online, also be manipulated by dark patterns to act against their users’ intents and goals?
Across evaluated agents, dark patterns steer agent trajectories in more than 70% of cases, compared to about 31% for humans.
🔥1
Forwarded from Анализ данных (Data analysis)
👨🎓 Harvard выложил в открытый доступ учебник по ML-системам и это редкий случай, когда материал действительно полезный.
В учебнике показан полный цикл: от понимания основ до построения продакшн-систем, которые можно запускать в реальном мире.
Что в книге и почему она стоит внимания:
- вы самостоятельно собираете autograd, оптимизаторы, attention и мини-PyTorch — чтобы увидеть, как устроены фреймворки изнутри
- разбираетесь в базах: батчи, архитектуры, процесс обучения
- учитесь оптимизировать производительность: работать с ускорителями, бенчмарками и настраивать модели
📚 То есть это не вводная книжка, а полноценный roadmap от теории к продакшну.
📌Репозиторий: https://github.com/harvard-edge/cs249r_book
📌PDF: https://mlsysbook.ai/assets/downloads/Machine-Learning-Systems.pdf
В учебнике показан полный цикл: от понимания основ до построения продакшн-систем, которые можно запускать в реальном мире.
Что в книге и почему она стоит внимания:
- вы самостоятельно собираете autograd, оптимизаторы, attention и мини-PyTorch — чтобы увидеть, как устроены фреймворки изнутри
- разбираетесь в базах: батчи, архитектуры, процесс обучения
- учитесь оптимизировать производительность: работать с ускорителями, бенчмарками и настраивать модели
📚 То есть это не вводная книжка, а полноценный roadmap от теории к продакшну.
📌Репозиторий: https://github.com/harvard-edge/cs249r_book
📌PDF: https://mlsysbook.ai/assets/downloads/Machine-Learning-Systems.pdf
👍1
Forwarded from AISecHub
Implementing Secure AI
Framework Controls in Google Cloud - New Version
https://services.google.com/fh/files/misc/ociso_2025_saif_cloud_paper.pdf
Framework Controls in Google Cloud - New Version
https://services.google.com/fh/files/misc/ociso_2025_saif_cloud_paper.pdf
Forwarded from AISecHub
ARES-Dashboard - AI Red Team Operations Console https://github.com/Arnoldlarry15/ARES-Dashboard
Demo: https://ares-dashboard-mauve.vercel.app/
ARES is an AI Red Team Operations Dashboard for planning, executing, and auditing structured adversarial testing of AI systems across established risk frameworks.
ARES Dashboard is an enterprise-oriented AI red team operations console designed to help security teams, AI safety researchers, and governance programs conduct structured, repeatable, and auditable adversarial testing of AI systems.
ARES provides a centralized workspace for building attack manifests, managing red team campaigns, aligning assessments with recognized frameworks such as OWASP LLM Top 10 and MITRE, and exporting evidence for review and compliance workflows.
The system supports role-based access control, audit logging, persistent campaign storage, and optional AI-assisted scenario generation. A built-in demo mode allows full exploration of core functionality without requiring external API keys.
ARES is designed to serve as the operational execution layer within a broader AI safety and governance ecosystem, enabling disciplined red teaming without automating exploitation or removing human oversight.
Demo: https://ares-dashboard-mauve.vercel.app/
ARES is an AI Red Team Operations Dashboard for planning, executing, and auditing structured adversarial testing of AI systems across established risk frameworks.
ARES Dashboard is an enterprise-oriented AI red team operations console designed to help security teams, AI safety researchers, and governance programs conduct structured, repeatable, and auditable adversarial testing of AI systems.
ARES provides a centralized workspace for building attack manifests, managing red team campaigns, aligning assessments with recognized frameworks such as OWASP LLM Top 10 and MITRE, and exporting evidence for review and compliance workflows.
The system supports role-based access control, audit logging, persistent campaign storage, and optional AI-assisted scenario generation. A built-in demo mode allows full exploration of core functionality without requiring external API keys.
ARES is designed to serve as the operational execution layer within a broader AI safety and governance ecosystem, enabling disciplined red teaming without automating exploitation or removing human oversight.
GitHub
GitHub - Arnoldlarry15/ARES-Dashboard: AI Red Team Operations Console
AI Red Team Operations Console. Contribute to Arnoldlarry15/ARES-Dashboard development by creating an account on GitHub.