Associate Professor, Cyber Forensics and Security, NSA CAE Point of Contact

Joined March 2007
Bill Gardner retweeted
Papers on using LLMs for vulnerability detection github.com/huhusmang/Awesome… #llm #infosec
44
268
12,825
Bill Gardner retweeted
Really excited to open source a new project: Omnigent, a meta-harness for AI agents. It lets you build multi-agent coding and custom agents, sitting above Claude Code, Codex, Pi, and agent SDKs to let you compose them. It also adds live collaboration and rich control policies.
77
190
1,054
176,829
Bill Gardner retweeted
Fable isn't the first. In 1999 the Department of Defense blocked exports of the PowerMac G4 for crossing the 1 gigaflop threshold. Steve Jobs turned it into an ad.
214
1,624
20,492
1,599,076
Bill Gardner retweeted
Today on the blog, we discuss a pathway for the second life of phones through the exploration of “phone cluster computing”, which can directly reduce the environmental footprint of computing by avoiding the need for further raw material extraction. More → goo.gle/4aJe5vO

Image alt text: Animation of the construction of a server using smartphones.

90
271
2,233
1,071,404
Bill Gardner retweeted
The Lord is a refuge for the poor (cf. Ps 14:6). In Christ, we are called to become poor and to be a refuge for the poor. The Christian community cannot remain indifferent to the many who stand at the door but remain invisible to those who are shut within their own walls. vatican.va/content/leo-xiv/e…
331
688
4,171
150,010
Bill Gardner retweeted
China Accelerates Deployment of Humanoid Robots in Real Scenarios. 🇨🇳 China is pushing humanoids and embodied AI into factories, logistics, retail, healthcare, safety, emergency response, and disaster prevention. The key is the real-robot data loop: train in real sites, collect task data, then use it to improve models, hardware components, safety, and deployment. The 2026 target is clear: 100 high-value scenarios and the capability for 10,000-unit-scale rollout. For humanoids, this is the shift that matters: fewer staged moves, more useful work.
11
32
117
14,645
Bill Gardner retweeted
Burp Suite Professional costs 475 dollars a year per seat. A senior software engineer in Amsterdam built the open source replacement as a side project. He put it on GitHub for free. It has 10,569 stars. His name is David Stotijn. The software is Hetty. Here is what Hetty is. An HTTP toolkit for security research. A machine-in-the-middle proxy that sits between your browser and the target. Every request and every response flows through Hetty. You can read them, search them, intercept them, edit them, replay them, and send them again. This is the core loop of every web application security test ever performed. Burp Suite charges 475 dollars a year for it. Hetty does the same job for zero. Here is the feature set. A machine-in-the-middle HTTP proxy with full logs and advanced search. An HTTP client for manually creating and editing requests, and replaying any request you already proxied. Request and response interception for manual review, with full edit, send, receive, and cancel control. Scope support to keep your work organized to a single target. A web-based admin interface that runs in your browser. Project-based database storage so multiple engagements stay separate. A GraphQL service for programmatic access. The installer is a single Go binary. Works on macOS, Linux, and Windows. No Java runtime, no enterprise license server, no machine fingerprinting, no telemetry. Here is the price ladder. Burp Suite Professional: 475 dollars a year per seat. Burp Suite Enterprise: thousands per year, contact sales for a quote. Burp Suite Community Edition: free, but throttled, no scanner, no project save, no intruder rate. OWASP ZAP: free and open source, now owned by Checkmarx after a 2024 acquisition. Hetty: zero. Forever. One binary. No account. A pentester working full time pays Burp 475 dollars a year. A team of 10 pentesters pays 4,750 dollars a year. A bug bounty hunter who finds one vulnerability has already paid for Burp twice over. 
Or they download a 30 MB Go binary written by a freelancer in Amsterdam and keep every dollar they earn. David has not pushed a new commit in 16 months. The last commit was January 13, 2025. That is normal for a tool that is feature-complete. HTTP has not changed. The proxy still proxies. The intercept still intercepts. MIT licensed code does not expire when the maintainer takes a break. Buy a domain. Find a bug. Cash a bounty. PortSwigger took a free industry tool and put it behind a 475 dollar paywall. A freelancer in Amsterdam gave it back. On every platform. For zero dollars. Your proxy. Your binary. Your bounties. (Link in the comments)
37
303
1,766
95,232
Bill Gardner retweeted
🚨 @Karpathy predicted the power of the "LLM Wiki." Google just formalized it. Meet Open Knowledge Format (OKF): a vendor-neutral standard for giving foundation models the curated context they need. I can genuinely see this replacing Notion, Obsidian, or traditional wikis for developer teams, and the reason comes down to bookkeeping. Traditional wikis fail because humans inevitably abandon the tedious work of updating them. As Andrej Karpathy pointed out recently, LLMs don't get bored. They don't forget to update a cross-reference, and they can touch 15 files in a single pass. OKF standardizes the interoperability layer so agents can actually do that heavy lifting autonomously. Because the format is minimally opinionated, it doesn't dictate what you write, it just dictates how it's structured. You get: → Human-readable documents that live right alongside your code in version control → Cross-links that map out complex entity relationships without needing a graph database → A system that survives moving between different tools and organizations There is no complex compression scheme. No central registry. If you can cat a file, you can read it. If you can git clone a repo, you can deploy it. This is how we stop rebuilding context pipelines from scratch every time a new model drops. Announcement spec file in 🧵↓
64
303
2,230
197,993
Bill Gardner retweeted
An armed quadruped robot designed for military operations.
18
72
444
58,093
Bill Gardner retweeted
🚨 A China-linked hacking group hid inside a network for nearly 10 years. Not by dropping obvious malware, but by quietly changing the #Linux login software itself. Researchers say Velvet Ant backdoored PAM and OpenSSH components to steal credentials, log commands, and keep access inside a network with no direct internet access. Read the full story: thehackernews.com/2026/06/ch…
4
62
213
21,582
Bill Gardner retweeted
This is really big news. Google introduced the Open Knowledge Format (OKF) - a standardized way to store information in a directory of markdown files. Makes it really easy to make a digital brain that agents can use. These files can serve as a living wiki. You can give agents the ability to query them or edit them. They can interlink. Seems to me this could replace Notion or Obsidian. I can think of so many uses for this. Google's blog post: cloud.google.com/blog/produc… An easier to understand explanation is the SPEC.md file: github.com/GoogleCloudPlatfo… I gave those two links to Antigravity and asked how we could use it for any of the projects we're working on. It came up with so many ideas. I would imagine Claude Fable 5 would whip up some pretty amazing things based on this system. Currently creating an OKF library of our pepper garden. It's going to be a fun weekend.
166
810
6,638
960,040
Bill Gardner retweeted
🚨 BrEaKiNg: Splunk, a security product, has zero authentication in its built-in database service and accepts any credentials, according to the security researchers who just dropped a full pre-auth RCE chain for Splunk Enterprise (CVE-2026-20253, CVSS 9.8). Splunk Enterprise on AWS is vulnerable out of the box.
21
210
1,339
113,649
Bill Gardner retweeted
The US government, citing national security authorities, has issued an export control directive to suspend all access to Fable 5 and Mythos 5 by any foreign national, whether inside or outside the United States, including foreign national Anthropic employees. The net effect of this order is that we must abruptly disable Fable 5 and Mythos 5 for all our customers to ensure compliance. Access to all other Claude models is not affected. We apologize for this disruption to our customers. We believe this is a misunderstanding and are working to restore access as soon as possible. Read our full statement: anthropic.com/news/fable-myt…
12,435
25,718
87,643
88,721,757
Bill Gardner retweeted
Will AI kill us all in an apocalyptic end? Why not? Exactly, Warren explains why the AI singularity won't kill us all, and why we don't need an AI kill switch. 0:00 Will AI Kill Us? 0:58 AI Needs Us 3:30 AI Stocks Report 5:39 AI Singularity 8:09 AI Stock Options 8:40 Human Intelligence
1
4
15
1,986
Bill Gardner retweeted
Jun 12
Given token economics, we really need @apple’s new CEO to go all in on workstations that can run local, open source models. Ideally, with a router that can flip between local models and frontier models when the former gets stuck. And America needs an open source champion — we really should not be comfortable with the Chinese owning the open source LLM market to the extent they do.
137
94
1,303
98,386
Bill Gardner retweeted
Shodan identifies open directory listings, tags them ("open-dir") and lets you search their contents by file extension or hash: shodan.io/search?query=open_… The banner also includes the parsed directory listing info: datapedia.shodan.io/property…
1
26
128
7,473
Bill Gardner retweeted
4 months till SecureWV 17! While you wait why not check out Matthew Hickey's Keynote from last year? youtube.com/watch?v=ya08_0sp…
1
1
78
Bill Gardner retweeted
📣📣Have you heard?!?!📣📣 TICKETS FOR SECUREWV 17 ARE NOW ON SALE!!! October 22nd - 23rd 2026 securewv.org/product-categor… #SecureWV #InfoSec #Cybersecurity #WVEvents #TechConference #SecurityAwareness #Nonprofit #WestVirginia #Conference2026

2
5
155