Mining giant’s shipping boss stresses that safety still comes first despite a pressured operating environment
I built an AI webapp defender that autonomously patches code in response to attacks
Hi all, I built an open source PoC AI security tool called Mahoraga Webapp Defender that I wanted to share with you.
If you were paying attention to cybersecurity news lately, you might have heard that Anthropic’s Claude Mythos has been successfully exploiting (finding zero days in) pretty much every software it touches fully autonomously. Agentic attack frameworks now outnumber human attackers 82:1 and compress what used to be days of manual pentesting into minutes. Imo, our current security model of humans patching bugs at human speeds is no longer going to be effective.
I wanted to see what the other side of the equation might look like. So I built Mahoraga Webapp Defender, an experiment in real-time, self-healing webapp defense. If you read/watched Jujutsu Kaisen, Mahoraga is a shikigami that adapts to any technique used to kill it. Every attack makes it stronger. That is the defensive posture I wanted to prototype.
The system runs two copies of the target website: a real one, and an identical shadow copy with fake data. A rule-based Watcher scores every user session for threat signals (injection, enumeration, honeypot hits, etc.). If the score crosses a threshold, the session is silently redirected to the shadow environment, where the attacker continues their adversarial activities.
When the attacker finds an exploit in the shadow environment, a Shadow Analyzer agent reads the logs, identifies the exploit, and hands the analysis to a Fixer agent that reads the actual source code, writes a patch, and hands it to a Reviewer agent. If the review passes, the patch is deployed to the real environment, all while the attacker is still poking at the decoy.
My MIT-licensed repo consists of the code for the defender and a pentesting challenge website with 12 CTF flags so you can pentest it with or without the defender activated: https://github.com/AgeOfAlgorithms/Mahoraga-Website-Defender
Would love feedback, ideas, or code/issue contributions. Also would love to know if you know of anyone else working on a similar idea. Thanks for reading!
submitted by /u/AgeOfAlgorithms
Trump ‘gold card’ visa granted to one person so far: US commerce chief
Latest News Latest News https://www.channelnewsasia.com/ CySecBot CySecBot
“One Leader, One Nation”: Iran Hits Back At Trump’s Leadership Remarks
Developments over the weekend around the Strait of Hormuz pointed to serious differences within Iran over how much ground to give in negotiations.
US soldier allegedly bet on Maduro operation using intel
Meta, Microsoft plan job cuts, buyouts that may affect up to 23,000 roles
submitted by /u/jupa300
Oil rises above $106 per barrel as US, Iran deadlocked in Strait of Hormuz
Jump in prices comes as Donald Trump says vessels will need permission of US Navy to transit key waterway.
‘Significant amount’ of child porn found on D4vd’s phone as he is charged with murder in teen’s death, prosecutors say
The musician murdered 14-year-old Celeste Rivas Hernandez after she threatened to expose the sexual relationship between them, prosecutors claim
SAP reports Q1 revenue up 6% YoY to €9.56B, vs. €9.53B est., non-IFRS operating profit up 17% to €2.87B, cloud revenue up 19% to €5.96B; SAP up 10%+ after hours (Reuters)
Blaze breaks out at popular Bali resort
A major fire has broken out at a popular resort in Bali’s Nusa Dua region.