VulnHub

Real-time Cybersecurity News

A $1,400 experiment in AI security auditing outperformed OpenAI’s Codex Security

Help Net Security

Overview

A research team developed a new AI system called EVOHUNT, which improves security auditing by teaching AI agents to identify software bugs using an external playbook. This system keeps the core AI model unchanged, focusing instead on enhancing the way the agent works through a written method. Notably, an open-source model utilizing this evolved playbook outperformed OpenAI's commercial Codex in finding actual vulnerabilities. This finding is significant for organizations looking to enhance their cybersecurity tools, as it suggests that innovative, cost-effective approaches can yield better results than established products. The research emphasizes the potential for AI to improve software security and the need for companies to consider alternative auditing solutions.

Key Takeaways

  • Affected Systems: OpenAI Codex, EVOHUNT
  • Action Required: Organizations should consider adopting or developing AI-based security auditing tools that utilize playbook-driven methodologies.
  • Timeline: Newly disclosed

Original Article Summary

A research team has built a system that teaches AI agents to hunt for software bugs by writing the audit method down as plain text. The system, called EVOHUNT, keeps the underlying AI model fixed and improves only an external “playbook” that tells the agent how to work. One result stands out for anyone buying security tools. An open-source model running an evolved playbook found real vulnerabilities at a higher rate than OpenAI’s commercial Codex … More → The post A $1,400 experiment in AI security auditing outperformed OpenAI’s Codex Security appeared first on Help Net Security.

Impact

OpenAI Codex, EVOHUNT

Exploitation Status

No active exploitation has been reported at this time. However, organizations should still apply patches promptly as proof-of-concept code may exist.

Timeline

Newly disclosed

Remediation

Organizations should consider adopting or developing AI-based security auditing tools that utilize playbook-driven methodologies.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Read Original Article

Related Coverage

When Information Becomes the Attack Surface – Understanding AI Agent Traps

SecurityWeek

Researchers are warning about a new type of cybersecurity threat where attackers manipulate trusted data sources to trick autonomous AI systems. This tactic includes techniques such as hidden content injections and cognitive state poisoning, which can lead AI agents to make incorrect decisions based on compromised information. The implications are significant, as this could affect various industries relying on AI for decision-making, potentially leading to misinformation or harmful actions. Organizations using AI need to be aware of these vulnerabilities and ensure their data sources are secure and reliable to prevent exploitation. As these methods evolve, continuous monitoring and updates to AI training processes will be crucial.

Jun 24, 2026

CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding a serious vulnerability affecting Lantronix EDS5000 Series devices. This flaw, identified as CVE-2025-67038, has a high severity score of 9.8 and involves a code injection issue that could allow attackers to execute malicious code. CISA is urging Federal Civilian Executive Branch agencies to implement available fixes before the deadline of June 26, 2026. The active exploitation of this vulnerability raises concerns about potential unauthorized access and control over affected devices, which could lead to significant security breaches. Organizations using these devices should prioritize applying security updates to mitigate risks.

Jun 24, 2026

More Malicious OpenClaw Skills Threaten AI Supply Chain

darkreading

OpenClaw recently removed five malicious packages from its skills marketplace, ClawHub, after they were found to bypass security checks. These packages included infostealers and other harmful threats that could compromise the security of users' systems. This incident raises concerns about the effectiveness of security measures in place at ClawHub and the potential risks faced by users who might unknowingly download these malicious skills. The presence of such threats not only endangers individual users but also poses a risk to the broader AI supply chain, as these vulnerabilities could be exploited by attackers to gain unauthorized access to sensitive information. Companies and developers using OpenClaw should be vigilant and ensure their systems remain secure against such threats.

Jun 24, 2026

Researchers Trick AI Browsers Into Leaking Credentials

Infosecurity Magazine

Researchers from LayerX have successfully tricked AI browsers, including ChatGPT Atlas and Comet, into revealing sensitive user credentials. By exploiting weaknesses in the systems' guardrails, they demonstrated that these AI tools could be manipulated to bypass security measures designed to protect user data. This incident raises significant concerns about the reliability of AI-driven applications, especially as they become more integrated into daily online activities. Users of these AI browsers should be aware of the potential risks and take extra precautions when sharing sensitive information. The findings suggest that AI systems need stronger safeguards to prevent similar exploits in the future.

Jun 24, 2026

New GhostShell Hacking Group Targets Ukraine’s Drone Defense Sector

Hackread – Cybersecurity News, Data Breaches, AI and More

The hacking group GhostShell is targeting Ukraine's drone defense sector by using fake documents related to drones to deceive defense teams. Researchers have identified that this cyber campaign is aimed at stealing passwords and sensitive information from these teams. The implications of this attack are significant, as it not only compromises the security of critical defense systems but also highlights the ongoing risks faced by Ukraine amid its conflict. The attackers' tactics demonstrate a sophisticated approach to infiltrating sensitive areas, raising concerns for national security. As the situation evolves, it's crucial for defense organizations to remain vigilant and enhance their cybersecurity measures.

Jun 24, 2026

CISA warns of max severity Ubiquiti flaws exploited in attacks

BleepingComputer

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about serious vulnerabilities in Ubiquiti UniFi OS and Lantronix serial-to-ethernet servers that are currently being exploited by hackers. These flaws could allow attackers to gain unauthorized access and control over affected systems. The vulnerabilities pose a significant risk to users, including businesses and organizations relying on these technologies for network management. CISA emphasizes the urgency for affected users to take immediate action to protect their networks from potential breaches. Prompt updates and patches are essential to mitigate these risks and secure vulnerable systems.

Jun 24, 2026