Aardvark – agent od OpenAI, który wykrywa, eksploituje i łata podatności. Wynik: 10 CVE w projektach open-source
OpenAI informuje o udostępnieniu Aardvarka – agenta opartego na GPT-5, który wciela się w rolę badacza bezpieczeństwa z możliwością skanowania setek repozytoriów jednocześnie. Po otrzymaniu dostępu do repozytorium skanuje kod, wykrywa podatności, testuje je w sandboksie, żeby potwierdzić czy ich użycie jest realne, a następnie proponuje poprawki (po integracji z...
I'm all for AI tools like #Aardvark and #CodeMender helping find bugs and fix security flaws. But do you really want someone scanning all your code, with the risk it’s used to train #LLMs?
#OpenAI #DeepMind #AI #Cybersecurity #ResponsibleAI #CodeSafety #DevSecOps
Introducing Aardvark: OpenAI’s...
🔥 Latest issue of my curated #cybersecurity and #infosec list of resources for week #44/2025 is out!
→ It includes the following and much more:
💌 #Google disputes false claims of massive #Gmail data breach;
🇪🇺 The #EU says #Facebook and #Instagram broke Digital Services Act (DSA) rules;
🇺🇸 🇷🇺 Former US Defense Contractor Executive Admits to Selling Exploits to #Russia;
🤔 #F5 says a nation-state attacker had long-term access to its systems;
🧰 🩹 #OpenAI releases ‘#Aardvark’ security and patching model;
--
👉 NEVER MISS my curations and updates on information security and cybersecurity news and challenges 📨 Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
https://infosec-mashup.santolaria.net/p/infosec-mashup-44-2025
📢 OpenAI lance Aardvark, un agent de recherche de vulnérabilités alimenté par GPT‑5 (bêta privée)
📝 Source: OpenAI (openai.com) — Annonce du 30 octobre 2025.
📖 cyberveille : https://cyberveille.ch/posts/2025-11-02-openai-lance-aardvark-un-agent-de-recherche-de-vulnerabilites-alimente-par-gpt-5-beta-privee/
🌐 source : https://openai.com/index/introducing-aardvark/
#Aardvark #GPT_5 #Cyberveille
"OpenAI has announced the launch of an "agentic security researcher" that's powered by its GPT-5 large language model (LLM) and is programmed to emulate a human expert capable of scanning, understanding, and patching code.
Called Aardvark, the artificial intelligence (AI) company said the autonomous agent is designed to help developers and security teams flag and fix security vulnerabilities at scale. It's currently available in private beta.
"Aardvark continuously analyzes source code repositories to identify vulnerabilities, assess exploitability, prioritize severity, and propose targeted patches," OpenAI noted.
It works by embedding itself into the software development pipeline, monitoring commits and changes to codebases, detecting security issues and how they might be exploited, and proposing fixes to address them using LLM-based reasoning and tool-use.
Powering the agent is GPT‑5, which OpenAI introduced in August 2025. The company describes it as a "smart, efficient model" that features deeper reasoning capabilities, courtesy of GPT‑5 thinking, and a "real‑time router" to decide the right model to use based on conversation type, complexity, and user intent.
Aardvark, OpenAI added, analyses a project's codebase to produce a threat model that it thinks best represents its security objectives and design. With this contextual foundation, the agent then scans its history to identify existing issues, as well as detect new ones by scrutinizing incoming changes to the repository."
https://thehackernews.com/2025/10/openai-unveils-aardvark-gpt-5-agent.html
#CyberSecurity #AI #GenerativeAI #OpenAI #Aardvark #AIAgents #LLMs #GPT5
OpenAI has launched Aardvark, an autonomous “agentic security researcher” powered by GPT-5.
It scans codebases for vulnerabilities, validates exploitability in sandboxed environments, and auto-generates potential patches.
Early reports show 10+ CVEs identified in open-source projects.
What’s your view - is AI-driven vulnerability research the future of cybersecurity or another layer of risk?
#CyberSecurity #OpenAI #GPT5 #Aardvark #Infosec #AI #DevSecOps #VulnerabilityManagement #MachineLearning #CodeSecurity #TechNews
🛠️ Tool
===================
Executive summary: OpenAI released Aardvark, an invite-only Beta LLM-powered security model built on ChatGPT-5 that automates vulnerability discovery, prioritization, sandbox validation of exploitability, and proposed patch generation for source-code repositories. OpenAI reports that Aardvark found 92% of known and synthetic vulnerabilities in unspecified "golden" repositories and has identified 10 issues that received CVE entries.
Technical details:
• Aardvark explicitly contrasts itself with traditional program analysis: it "does not rely on fuzzing or software composition analysis (SCA)" and instead leverages LLM reasoning plus orchestrated tool use (reading code, synthesizing tests, running sandboxed checks, and annotating code).
• Features described include automated threat-model generation from repository contents, exploit sandboxing to validate real-world exploitability, inline code annotation, and submission of patch proposals for human review.
• Deployment and access are described as invite-only Beta with plans to expand; open-source noncommercial repositories are slated to receive free scanning access.
How it works conceptually:
• LLM reasoning layer ingests code and repository metadata to generate hypotheses about vulnerable behavior.
• Orchestrator issues targeted tests and leverages sandboxed execution to confirm exploitability before producing remediation suggestions.
• Outputs include vulnerability prioritization and human-reviewable patches rather than fully autonomous commits.
Detection and validation guidance (conceptual):
• Focus detection on logic/semantic patterns the model highlights (e.g., insecure use of deserialization, improper auth checks, information leaks) and validate model-suggested exploitability with isolated test harnesses.
• Treat proposed patches as candidate fixes requiring code-review and threat-model re-evaluation; track CVE assignments reported by the tool.
Limitations and open questions:
• Reported evaluation used unspecified "golden" repositories; details on dataset composition, false-positive/false-negative rates beyond the 92% figure are not published.
• Reliance on LLM reasoning raises questions about reproducibility and the potential for hallucinated fixes; OpenAI states patches are submitted for human review.
• Disclosure policy changes at OpenAI (no strict timelines) may affect coordinated reporting cadence and public visibility of findings.
Takeaway: Aardvark represents an LLM-driven shift toward automated detection+validation+remediation workflows, with promising early metrics and open questions about evaluation details and operational controls. #Aardvark #OpenAI #tool
🔗 Source: https://cyberscoop.com/openai-aardvark-security-and-patching-model-beta/
"Aardvark works by monitoring commits and changes to codebases, identifying vulnerabilities, how they might be exploited, and proposing fixes."
https://openai.com/index/introducing-aardvark/
"If your organization or open source project is interested in joining [the Aardvark private beta.], you can apply here."
https://www.openai.com/form/aardvark-beta-signup
#Aardvark @TheAntAndTheAardvark #ThePinkPantherShow #OpenAI #InformationSecurity #InfoSec #BugHunting
#OpenAI launched #Aardvark, a #GPT5 powered #cybersecurity #agent in private beta. Aardvark identifies, explains, and helps fix #vulnerabilities in #codebases by leveraging LLM-powered reasoning and tool use. It scans #repositories, explains vulnerabilities, attempts to prove their existence, and provides #patches for human review. https://www.zdnet.com/article/openai-unveils-aardvark-a-gpt-5-powered-agent-for-autonomous-cybersecurity-research/?eicker.news #tech #media #news
GPT-5 기반 Aardvark, 취약점 92% 탐지하며 보안 연구의 새 기준 제시
OpenAI가 GPT-5 기반 자율형 보안 연구 에이전트 Aardvark를 공개했습니다. 벤치마크 테스트에서 92% 취약점 탐지율을 기록하며 인간 보안 연구자처럼 코드를 읽고 분석하는 새로운 접근 방식을 제시합니다.
92 % aller Fehler im Code finden und beheben? OpenAI's neuer KI-Agent 'Aardvark' soll das autonom erledigen. Das auf GPT-5 basierende Tool hat bereits 10 reale Schwachstellen in Open-Source-Projekten aufgedeckt. Macht dieser Grad an Autonomie die Softwareentwicklung wirklich sicherer oder schafft er neue, unkontrollierbare Abhängigkeiten? #OpenAI #Aardvark #GPT5
https://www.all-ai.de/news/top-news24/openai-aardvark
Detox Doodles!
They are sketches I've been doing to try and replace mindless scrolling!
This page is all about Aardvarks!
Atari 2600: Zehn neue Hightech-Games für die Steinzeit-Maschine
Zehn erstklassige neue Homebrewspiele für das altehrwürdige Atari 2600, von denen zwei sogar sprechen können!
#Aardvark #Atari2600 #AtariVCS #Boom_ #CircusConvoy #DeepstoneCatacomb #DonkeyKongVCS #Draconian #Galagon #GorfArcade #Homebrew #LodeRunner #TurboArcade #TutankhamArcade
I'm practicing my nascent drawing skills by attempting to copy simple drawings.
The Pearson Scott Foresman archives released into the public domain and donated to Wikimedia are very helpful.
Today I attempted an aardvark. (Next: an abalone shell.)
Yes, it's a bit wonky in the proportions - my bête noire - but it actually looks like a drawing! Progress!
https://commons.m.wikimedia.org/wiki/File:Aardvark2_(PSF).png
#drawing #aardvark
Aardvarks on the telly klaxon!!!
#Aardvark #MySpiritAnimal
@ScienceScholar Since the headline raises a question that is only answered in the paywalled article and the image without alt text, here is the list of 12 myrmecophages that have evolved over the past 66 million years:
mongoose
aardwolf
sloth bear
pangolin
echidna
numbat
anteater
aardvark
golden mole
tenrec
elephant shrew
#science #myrmecophagy #anteater #ConvergentEvolution #evolution #mongoose #aardwolf #SlothBear #pangolin #echidna #numbat #aardvark #GoldenMole #tenrec #ElephantShrew
What you need to know about EMP weapons
https://www.aardvark.co.nz/daily/2025/0606.shtml
#ycombinator #Aardvark #Australia #New_Zealand #technology #science #internet #news
