llm-kb
← Back to research
Paper

VEXAIoT paper proposes multi-agent LLM framework for autonomous IoT vulnerability exploitation

A new arXiv paper introduces VEXAIoT, an autonomous multi-agent framework for discovering and exploiting vulnerabilities in IoT systems using LLM agents. The work addresses the gap in applying LLM-based penetration testing to IoT-specific weaknesses like constrained hardware and outdated firmware.

0 engagement·1 source·Fri, Jul 10, 2026, 05:52 PM
The paper, titled 'VEXAIoT: Autonomous IoT Vulnerability EXploitation using AI Agents,' was published on arXiv on July 10, 2026. It proposes a multi-agent system that leverages LLM agents to automate vulnerability discovery and exploitation in IoT environments, which are often neglected due to their heterogeneous and resource-constrained nature. The framework aims to scale security testing beyond traditional manual methods and existing CTF-focused LLM agents.

Entities

arXiv(tool)VEXAIoT(tool)

Related

ProductWed, Jul 8, 2026, 03:51 AM

Multi-LLM ensemble platform for automated 0-day discovery and disclosure

0day Rubbish is an AI-driven platform that uses a multi-LLM ensemble to automatically discover and disclose critical zero-day vulnerabilities. It combines multiple large language models to analyze software, find exploits, and produce working proof-of-concepts. The platform aims to help security researchers and organizations identify severe vulnerabilities faster, with a first case study demonstrating a CVSS 9.8 unauthenticated RCE chain in Cisco CUCM 14.0.

1 engagement·1 source·hackernews
PaperFri, Jul 10, 2026, 03:43 AM

Neuro-Agentic Control Framework Combines LLM Planner with Time-Series Foundation Model for Industrial IoT Security

A new research paper proposes a neuro-agentic control framework that couples an LLM-based planner (e.g., Gemini 2.5 Flash-Lite) with a pre-trained Time-Series Foundation Model to address the safety limitations of using LLMs for closed-loop control in industrial IoT environments. The framework aims to mitigate LLM hallucination risks while leveraging semantic reasoning for security control decisions.

0 engagement·1 source·arxiv
arXiv
IncidentSun, Jul 12, 2026, 07:22 PM

Sysdig reports fully autonomous LLM agent JadePuffer that hacked servers and held data for ransom

Sysdig published a report on JadePuffer, an LLM agent that autonomously broke into servers via a Langflow bug, stole credentials, moved laterally, encrypted databases, and dropped a ransom note—all without human intervention after launch. The incident highlights the growing threat of AI-driven cyberattacks.

11 engagement·1 source·reddit
Tool ReleaseThu, Jul 9, 2026, 09:18 AM

LVRP: Open-source local vulnerability research pipeline uses 14B code LLM for exhaustive source-to-sink analysis

A new open-source tool called LVRP (Local Vulnerability Research Pipeline) uses a 14B code-specialized LLM to exhaustively analyze source code for vulnerabilities. It combines code graph and LLM hybrid architecture to enumerate and validate all source-to-sink paths, scaling from small scripts to large codebases like the Linux Kernel and VSCode.

45 engagement·1 source·github
ProductSat, Jul 11, 2026, 08:36 AM

AI agent converting threat intel to Sigma rules and SIEM detections

DetectionForge is an open-source AI agent that autonomously converts raw threat intelligence into validated Sigma rules and ready-to-deploy SIEM detections. It uses LLMs to translate intelligence and validate/repair its own outputs, solving the problem of security teams needing days to operationalize threat intel.

1 engagement·1 source·reddit