AI Topics

Open Source Archive

The AI Cyber Challenge was designed to advance cybersecurity technology AND ensure that technology is applied to secure the code we all rely on. To that end, all 7 finalist teams are releasing their competition Cyber Reasoning Systems (CRSs) open-source in order to accelerate the distribution and use of the AIxCC-developed technology within the cybersecurity and software development fields.

In addition, you are invited to access, test, use and build on the following:

→ AIxCC competition infrastructure

→ Competition Challenges

→ Cyber Reasoning Unified Model Benchmark System (CRUMBS)

→ Competition harness documentation

→ And more!

https://archive.aicyberchallenge.com/

42 Beyond Bug
https://b3yond.org/

Atlanta won the competition the group’s name is 42 Beyond Bug
The have an open archive of the tools/source code for the tools.
https://github.com/42-b3yond-6ug/42-b3yond-6ug-crs

Title: OpenAI’s New Aardvark GPT-5 Agent that Detects and Fixes Vulnerabilities Automatically

Source: Cyber Security News

Date Published: November 2, 2025

Excerpt:

"Aardvark functions through a sophisticated multi-stage pipeline that mimics the investigative process of a seasoned security researcher.

It begins with a comprehensive analysis of an entire repository to generate a threat model, capturing the project’s security objectives and potential risks.

Next, during commit scanning, the agent examines code changes against this model, identifying vulnerabilities in real-time as developers push updates; for initial integrations, it reviews historical commits to uncover latent issues.

...

Explanations are provided step-by-step, with annotated code snippets for easy human review, ensuring transparency.

Following detection, validation occurs in a sandboxed environment where Aardvark attempts to exploit the flaw, confirming its real-world impact and minimizing false positives.

This isolated testing describes the exact steps taken, delivering high-fidelity insights. For remediation, Aardvark leverages OpenAI’s Codex to generate precise patches, attaching them directly to findings for one-click application after review.

Unlike traditional methods such as fuzzing or static analysis, Aardvark employs LLM-powered reasoning to comprehend code behavior deeply, also spotting non-security bugs like logic errors.

The process integrates seamlessly with GitHub and other tools, maintaining development velocity."

To read the complete article see:

https://cybersecuritynews.com/aardvark-gpt-5-agent/

Google AI and Deepmind

The Google for Startups Gemini kit is here Innovate faster

Innovate faster with Gemini Unlock your startup’s potential with access to advanced AI models and tools to build on your platform of choice.

AlphaGenome: AI for better understanding the genome

Introducing Gemma 3n: The developer guide
Gemma 3n represents a major advancement for on-device AI, bringing powerful multimodal capabilities to edge devices with performance previously only seen in last year's cloud-based frontier models.

Google Agent Development Kit

Today, Google announced the Agent Payments Protocol (AP2), an open protocol developed with leading payments and technology companies to securely initiate and transact agent-led payments across platforms. The protocol can be used as an extension of the Agent2Agent (A2A) protocol and Model Context Protocol (MCP). In concert with industry rules and standards, it establishes a payment-agnostic framework for users, merchants, and payments providers to transact with confidence across all types of payment methods.

Chuck Keith aka NetworkChuck has created a great video detailing how to use Docker with MCP and Agents in a really clear easy to follow video. I highly recommend watching his work.

"You need to learn MCP Right Now!! The Model Context Protocol (MCP) changes everything. It gives LLMs like Claude and ChatGPT the ability to use real tools through APIs instead of clunky GUIs. In this video, I’ll break down how MCP works, why it’s so powerful, and how you can run it using Docker containers. I’ll even show you how to build your own custom MCP servers so you can connect AI to literally ANYTHING: Obsidian, Brave, Kali Linux, and more. Grab your coffee. Let’s go."

https://lnkd.in/eTBvRvd5

Copied from Clint Gibler on X
Great primer by @semgrep's Kurt Boberg on testing and securing MCP servers and clients.

Kurt covers:

- The control flow for MCP

- Important terms

- Using MCP Inspector

- Key MCP vulnerability classes (tool poisoning/line jumping, tool shadowing, rug pulling, Web 2.0 issues)

- An overview of security-relevant parts of the MCP specification

And a great, concise cheatsheet of what you should look for as a security engineer for both MCP clients and servers.

https://semgrep.dev/blog/2025/a-security-engineers-guide-to-mcp/

OpenAI Academy Let's unlock AI together

Kaggle Level up with the largest AI & ML community

Hugging Face The AI community building the future. 1,825,339 Models

This was copied from a Twitter post by
Louis Gleeson @aigleeson

OpenAI, Google & Anthropic just dropped their internal AI playbooks for free

• how to build AI agents

• how to scale infra

• how to prompt better than 99% of devs

Get all the guides below with links for free (no login required)

• Prompting 101 – Google’s no-nonsense intro

→ https://services.google.com/fh/files/misc/gemini-for-google-workspace-prompting-guide-101.pdf

• Build Agents That Work – Practical, not theoretical

→ https://cdn.openai.com/business-guides-and-resources/a-practical-guide-to-building-agents.pdf

• Agent Coding Tips – Shortcuts from Anthropic’s engineers

→ https://media.licdn.com/dms/document/media/v2/D4D1FAQG5XHRSnj4AMw/feedshare-document-pdf-analyzed/B4DZbOcFD5GUAc-/0/1747220199296?e=1749081600&v=beta&t=69P678MF8vqvcvLwWCUq6EZPyRPL-RQOAcy_9VQWDbQ