attacks.ai/Research
← All posts
Notes·May 26, 2026·2 min read

Hello

What this research log is, what we're building with attacks.ai, and who is behind it.

By Takyon·Published 2026-05-26

This is the attacks.ai research log: notes on doing real cybersecurity work with AI, and on how AI agents themselves hold up when someone adversarial pushes back.

What we're building with attacks.ai

attacks.ai is about using AI to do real security work. Language models have quietly become good enough to read code, reason about an attack surface, and find genuine vulnerabilities, and that changes who gets to do serious security research. Our job is to point that capability at hard problems: hunting bugs in real software, red-teaming AI agents to see how they behave when something adversarial turns up in their input, and building the tooling that makes the whole thing repeatable instead of a one-off party trick.

One belief runs through all of it: this should not be the exclusive property of frontier labs. A surprising amount of serious security work can be done with open models on hardware you already own, as long as you are disciplined about the method. The first writeup on this blog is exactly that, a near-free bug-hunter, built at home, that found real vulnerabilities in a real project. Expect more in that spirit.

What you'll find here

Field notes and teardowns rather than press releases. Some posts are short benchmarks, some are long engagement writeups, and some are just an interesting failure worth recording. Less polished than a paper, more rigorous than a thread.

When a post covers a live security finding, we run it as coordinated disclosure: the vendor hears about it first, the post explains what is broken and why rather than handing out a working exploit, and the details stay held until a fix ships or the disclosure window closes.

Who's behind it

I'm a solo security researcher and developer, and attacks.ai is the research side of reyse.ai. For now this is mostly a one-person operation: I build the tooling, run the hunts, and write the disclosures. The bias is toward doing this in the open and honestly, with the work reproducible enough that you could repeat it yourself.

Found a bug in something covered here, want to compare notes, or have a target you think the hunter should look at? Get in touch at attacks@reyse.ai, or on X at @Takyon.

That is the whole charter. More soon.

New posts by emailSecurity research, AI testing, and tool releases — when they ship.