
DARPA AIxCC competition results in advanced cyber reasoning systems for open source security

1 unique source, 1 article

Summary


The Defense Advanced Research Projects Agency (DARPA) concluded its AI Cyber Challenge (AIxCC) at DEF CON 33. The competition aimed to develop AI-driven cyber reasoning systems (CRSes) to secure open source software in critical infrastructure. Teams identified and patched synthetic and real vulnerabilities in 54 million lines of code. The winners were Team Atlanta, Trail of Bits, and Theori, who will receive $4 million, $3 million, and $1.5 million respectively. All finalist teams' CRSes will be made open source. The competition demonstrated the effectiveness of AI in identifying and patching vulnerabilities, with CRSes discovering 54 unique synthetic vulnerabilities and 18 real vulnerabilities. The technology is expected to significantly enhance the security of open source software, which underpins critical infrastructure.

Timeline

  1. 21.08.2025 16:00 · 1 article · 26d ago

    DARPA concludes AIxCC competition with successful AI-driven vulnerability patching

    At DEF CON 33, DARPA announced the winners of its AI Cyber Challenge (AIxCC), a two-year program focused on using AI to secure open source software. Teams developed cyber reasoning systems (CRSes) that identified and patched synthetic and real vulnerabilities in 54 million lines of code. The winners were Team Atlanta, Trail of Bits, and Theori, who will receive $4 million, $3 million, and $1.5 million respectively. All finalist teams' CRSes will be made open source, and the technology is expected to significantly enhance the security of open source software in critical infrastructure.


Information Snippets

  • The AI Cyber Challenge (AIxCC) was a two-year program focused on using AI to secure open source software.

    First reported: 21.08.2025 16:00
    1 source, 1 article
  • Teams developed cyber reasoning systems (CRSes) to identify and patch vulnerabilities in 54 million lines of code.

    First reported: 21.08.2025 16:00
    1 source, 1 article
  • CRSes discovered 54 unique synthetic vulnerabilities, 43 of which were patched during the competition.

    First reported: 21.08.2025 16:00
    1 source, 1 article
  • Teams also identified 18 real, non-synthetic vulnerabilities and provided 11 patches.

    First reported: 21.08.2025 16:00
    1 source, 1 article
  • Competition tasks cost an average of $152, significantly less than traditional bug bounties.

    First reported: 21.08.2025 16:00
    1 source, 1 article
  • The winners were Team Atlanta, Trail of Bits, and Theori, receiving $4 million, $3 million, and $1.5 million respectively.

    First reported: 21.08.2025 16:00
    1 source, 1 article
  • All finalist teams' CRSes will be made available as open source.

    First reported: 21.08.2025 16:00
    1 source, 1 article
  • The competition demonstrated the potential of AI in enhancing open source software security.

    First reported: 21.08.2025 16:00
    1 source, 1 article

Similar Happenings

Malicious nx Packages Exfiltrate 2,349 GitHub, Cloud, and AI Credentials

A supply chain attack on the nx build system allowed attackers to publish malicious versions of the popular npm package and auxiliary plugins. These versions contained data-gathering capabilities that exfiltrated 2,349 credentials from GitHub, cloud, and AI services. The attack occurred on August 26, 2025, affecting multiple versions of the nx package and related plugins. The compromised packages were removed from the npm registry, and users were advised to rotate credentials and check for malicious modifications in their systems. The malicious packages scanned file systems, collected credentials, and posted them to GitHub repositories under the users' accounts. The attack exploited a vulnerable workflow introduced on August 21, 2025, which allowed for arbitrary command execution and elevated permissions. The attack took approximately four hours from start to finish, resulting in the exfiltration of around 20,000 sensitive files. The attackers used AI-powered CLI tools to dynamically scan for high-value secrets and modified shell startup files to crash the system upon terminal session opening. A second attack wave was identified on August 28, 2025, affecting over 190 users/organizations and over 3000 repositories. The second wave involved making private repositories public and creating forks to preserve data. The attack unfolded in three distinct phases affecting 2,180 accounts and 7,200 repositories. The first phase impacted 1,700 users and leaked over 2,000 unique secrets. The second phase compromised 480 accounts and exposed 6,700 private repositories. The third phase targeted a single organization, publishing an additional 500 private repositories.

Citrix NetScaler ADC and Gateway vulnerabilities patched and actively exploited in the wild

Citrix has released patches for three vulnerabilities in NetScaler ADC and NetScaler Gateway. One of these vulnerabilities, CVE-2025-7775, is actively exploited in the wild. The flaws include memory overflow vulnerabilities and improper access control issues. The vulnerabilities affect specific configurations of NetScaler ADC and NetScaler Gateway, including unsupported, end-of-life versions. Citrix has confirmed active exploitation of CVE-2025-7775, which can lead to remote code execution or denial-of-service. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-7775 to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to remediate within 48 hours. Nearly 20% of NetScaler assets identified are on unsupported, end-of-life versions, with a significant concentration in North America and the APAC region. CISA lists 10 NetScaler flaws in its KEV catalog, with six discovered in the last two years. Threat actors are using HexStrike AI, an AI-driven security platform, to exploit the Citrix vulnerabilities, significantly reducing the time between disclosure and mass exploitation. HexStrike-AI was created by cybersecurity researcher Muhammad Osama and has been open-source and available on GitHub for the last month, where it has already garnered 1,800 stars and over 400 forks.

AI systems vulnerable to data-theft prompts in downscaled images

Researchers have demonstrated a new attack method that steals user data by embedding malicious prompts in images. These prompts are invisible in full-resolution images but become visible when the images are downscaled by AI systems. The attack exploits aliasing artifacts introduced by resampling algorithms, allowing hidden text to emerge and be interpreted as user instructions by the AI model. This can lead to data leakage or unauthorized actions. The method has been successfully tested against several AI systems, including Google Gemini CLI, Vertex AI Studio, Gemini's web interface, Gemini's API, Google Assistant on Android, and Genspark. The attack was developed by Kikimora Morozova and Suha Sabi Hussain from Trail of Bits, building on a 2020 theory presented in a USENIX paper. The researchers have also released an open-source tool, Anamorpher, to create images for testing the attack. They recommend implementing dimension restrictions and user confirmation for sensitive tool calls as mitigation strategies.