🛡️ InfoSec Blue Team Briefing

Thursday, December 04, 2025

Good morning. Here are yesterday's security developments from Wednesday, December 03, 2025, covering 4 articles across security tools, data breaches, industry guidance, and attack techniques. All attribution is by the article authors. All article analysis is automated.

From Gadi Evron: RAPTOR is an open-source framework that transforms Claude Code into an autonomous security research agent. The system provides automated capabilities for code scanning, fuzzing, vulnerability analysis, and exploitation through a multi-layered architecture, supporting multiple LLM providers including Anthropic Claude, OpenAI GPT-4, and Gemini 2.5.

From The Natto Team: Chinese cybersecurity firm Knownsec suffered a significant data breach in August 2023 when hackers exploited three zero-day vulnerabilities in their cloud office system. The breach remained undisclosed for over two years, with 12,000 confidential documents including internal tools and target lists appearing on GitHub and dark web platforms in November 2025.

From infosec.pub: New guidance has been published outlining principles for securely integrating artificial intelligence systems into operational technology environments. The document focuses on security frameworks and best practices for organizations deploying AI in industrial control systems and critical infrastructure.

From the Canadian Centre for Cyber Security: Adversary-in-the-middle phishing attacks are evolving with proxy-based techniques that intercept user connections to capture credentials and MFA secrets for session hijacking. These attacks are targeting Canadian organizations across critical infrastructure sectors using sophisticated phishing kits and legitimate service tunneling to evade traditional IP-based detection methods.

📰 Articles Covered