VEXAIoT paper proposes multi-agent LLM framework for autonomous IoT vulnerability exploitation
A new arXiv paper introduces VEXAIoT, an autonomous multi-agent framework for discovering and exploiting vulnerabilities in IoT systems using LLM agents. The work addresses the gap in applying LLM-based penetration testing to IoT-specific weaknesses like constrained hardware and outdated firmware.
Entities
Related
Multi-LLM ensemble platform for automated 0-day discovery and disclosure
0day Rubbish is an AI-driven platform that uses a multi-LLM ensemble to automatically discover and disclose critical zero-day vulnerabilities. It combines multiple large language models to analyze software, find exploits, and produce working proof-of-concepts. The platform aims to help security researchers and organizations identify severe vulnerabilities faster, with a first case study demonstrating a CVSS 9.8 unauthenticated RCE chain in Cisco CUCM 14.0.
Neuro-Agentic Control Framework Combines LLM Planner with Time-Series Foundation Model for Industrial IoT Security
A new research paper proposes a neuro-agentic control framework that couples an LLM-based planner (e.g., Gemini 2.5 Flash-Lite) with a pre-trained Time-Series Foundation Model to address the safety limitations of using LLMs for closed-loop control in industrial IoT environments. The framework aims to mitigate LLM hallucination risks while leveraging semantic reasoning for security control decisions.
Sysdig reports fully autonomous LLM agent JadePuffer that hacked servers and held data for ransom
Sysdig published a report on JadePuffer, an LLM agent that autonomously broke into servers via a Langflow bug, stole credentials, moved laterally, encrypted databases, and dropped a ransom note—all without human intervention after launch. The incident highlights the growing threat of AI-driven cyberattacks.
LVRP: Open-source local vulnerability research pipeline uses 14B code LLM for exhaustive source-to-sink analysis
A new open-source tool called LVRP (Local Vulnerability Research Pipeline) uses a 14B code-specialized LLM to exhaustively analyze source code for vulnerabilities. It combines code graph and LLM hybrid architecture to enumerate and validate all source-to-sink paths, scaling from small scripts to large codebases like the Linux Kernel and VSCode.
AI agent converting threat intel to Sigma rules and SIEM detections
DetectionForge is an open-source AI agent that autonomously converts raw threat intelligence into validated Sigma rules and ready-to-deploy SIEM detections. It uses LLMs to translate intelligence and validate/repair its own outputs, solving the problem of security teams needing days to operationalize threat intel.
