Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

DARPA announces AIxCC winners and open-sources finalist CRSes

Public Sector Action
First reported
Last updated
Happening score
H score 21
1 unique sources, 1 articles

Summary

Hide ▲

DARPA announced the AI Cyber Challenge (AIxCC) winners at DEF CON 33, ending a two-year effort to test whether AI can secure open source technology underpinning critical infrastructure. The program matters because it produced working cyber reasoning systems (CRSes) that can find vulnerabilities and generate patches at scale. DARPA also said all seven finalist CRSes will be made available for open source use.

Related Happenings

Anthropic launches Project Glasswing with Claude Mythos for vulnerability discovery

Security Tool/Service
First: 08.04.2026 12:16 Last: 08.04.2026 12:16 Sources 1

About this happening: **Anthropic’s Project Glasswing** is now showing measurable results: since launching last month, the **Claude Mythos Preview**-based initiative has uncovered **more than 10,000**...

Latest development: 23.05.2026 14:55

Anthropic said Project Glasswing has uncovered more than 10,000 high- or critical-severity vulnerabilities across widely used software since the program launched last month, including 6,202 high/critical flaws affecting more than 1,000 open-source projects, 1,726 validated true positives, 1,094 high/critical flaws, a critical WolfSSL flaw tracked as CVE-2026-5194 with CVSS score 9.1, 97 upstream patches, and 88 advisories.

Open Happening

Google DeepMind CodeMender AI agent debuts to detect and patch vulnerable code

Security Tool/Service
First: 07.10.2025 18:18 Last: 07.10.2025 18:18 Sources 1

About this happening: Google DeepMind launched **CodeMender**, an **AI-powered agent** that detects, patches, and rewrites vulnerable code to reduce future exploit risk. The system uses **Gemini Deep T...

Open Happening

Wiz Zeroday.Cloud bug-bounty competition

Commercial Activity
First: 06.10.2025 12:44 Last: 06.10.2025 12:44 Sources 1

About this happening: Wiz launched Zeroday.Cloud, a $4.5 million bug-bounty competition focused on open-source cloud and AI tools. The program is backed by Google Cloud, AWS, and Microsoft and covers s...

Latest development: 06.10.2025 20:12

Wiz's research arm launched Zeroday Cloud, a bug-bounty competition for open-source cloud and AI tools with a $4.5 million prize pool, backed by Google Cloud, AWS, and Microsoft and scheduled for December 10 and 11 at Black Hat Europe in London, UK. The contest spans six categories across AI, Kubernetes and cloud-native, containers and virtualization, web servers, databases, and DevOps & automation, with payouts ranging from $10,000 to $300,000. Submitted exploits must achieve complete compromise, defined as a full Container/VM Escape for virtualization targets or a 0-click Remote Code Execution vulnerability for other targets, and participants must register through HackerOne, complete ID verification and tax forms by November 20, and comply with one-entry-per-target and country-restriction rules.

Open Happening

Timeline

  1. 21.08.2025 16:00 1 articles · 9mo ago

    DARPA announces AIxCC winners and open-source release plans

    Initial Disclosure

    DARPA announced the AI Cyber Challenge (AIxCC) winners at DEF CON 33 in Las Vegas after a two-year effort to test whether cyber reasoning systems (CRSes) could secure open source software underlying critical infrastructure. The finalists analyzed 54 million lines of code, found 54 synthetic vulnerabilities and patched 43, and also uncovered 18 real vulnerabilities that were disclosed to open source project maintainers; teams submitted 11 patches for real bugs. Team Atlanta, Trail of Bits, and Theori won the competition and were awarded $4 million, $3 million, and $1.5 million, and DARPA said all seven finalist CRSes will be made available for open source use.

    Show sources
    Open in new tab