INE Security Releases Industry Benchmark Report: “Wired Together: The Case for Cross-Training in Networking and Cybersecurity”

Raleigh, United States, 7th October 2025, CyberNewsWire...

EUVD-2019-16000

Malware in sbrugna...

EUVD-2023-36382

Malicious code in bioql PyPI...

EUVD-2022-27667

Malicious code in bioql PyPI...

EUVD-2023-1967

Malicious code in bioql PyPI...

EUVD-2024-29256

Malicious code in bioql PyPI...

EUVD-2024-29780

Malicious code in bioql PyPI...

CryptOracle: A Modular Framework to Characterize Fully Homomorphic Encryption

Privacy-preserving machine learning has become an important long-term pursuit in this era of artificial intelligence AI. Fully Homomorphic Encryption FHE is a uniquely promising solution, offering provable privacy and security guarantees. Unfortunately, computational cost is impeding its mass...

SoK: Measuring What Matters for Closed-Loop Security Agents

Cybersecurity is a relentless arms race, with AI driven offensive systems evolving faster than traditional defenses can adapt. Research and tooling remain fragmented across isolated defensive functions, creating blind spots that adversaries exploit. Autonomous agents capable of integrating, explo...

Binary Diff Summarization Using Large Language Models

Security of software supply chains is necessary to ensure that software updates do not contain maliciously injected code or introduce vulnerabilities that may compromise the integrity of critical infrastructure. Verifying the integrity of software updates involves binary differential analysis...

SafeSearch: Automated Red-Teaming for the Safety of LLM-Based Search Agents

Search agents connect LLMs to the Internet, enabling access to broader and more up-to-date information. However, unreliable search results may also pose safety threats to end users, establishing a new threat surface. In this work, we conduct two in-the-wild experiments to demonstrate both the...

SecureAgentBench: Benchmarking Secure Code Generation under Realistic Vulnerability Scenarios

Large language model LLM powered code agents are rapidly transforming software engineering by automating tasks such as testing, debugging, and repairing, yet the security risks of their generated code have become a critical concern. Existing benchmarks have offered valuable insights but remain...

FakeSound2: a Benchmark for Explainable and Generalizable Deepfake Sound Detection

The rapid development of generative audio raises ethical and security concerns stemming from forged data, making deepfake sound detection an important safeguard against the malicious use of such technologies. Although prior studies have explored this task, existing methods largely focus on binary...

CVE-2025-47906 vulnerabilities

Vulnerabilities for packages: modelmesh-runtime-adapter, bank-vaults, local-path-provisioner, ctop, rancher-machine, mongodb-kubernetes-operator, container-object-storage-interface, docker-credential-ecr-login, dagdotdev, cloud-provider-aws, nats, newrelic-fluent-bit-output, gitlab-runner,...

GHSA-GWRF-JF3H-W649 vulnerabilities

Vulnerabilities for packages: modelmesh-runtime-adapter, bank-vaults, local-path-provisioner, ctop, rancher-machine, mongodb-kubernetes-operator, container-object-storage-interface, docker-credential-ecr-login, dagdotdev, cloud-provider-aws, nats, newrelic-fluent-bit-output, gitlab-runner,...

Time-of-Check Time-of-Use Attacks Against LLMs

This is a nice piece of research: "Mind the Gap: Time-of-Check to Time-of-Use Vulnerabilities in LLM-Enabled Agents".: Abstract: Large Language Model LLM-enabled agents are rapidly emerging across a wide range of applications, but their deployment introduces vulnerabilities with security...

Exploiting Timing Side-Channels in Quantum Circuits Simulation Via ML-Based Methods

As quantum computing advances, quantum circuit simulators serve as critical tools to bridge the current gap caused by limited quantum hardware availability. These simulators are typically deployed on cloud platforms, where users submit proprietary circuit designs for simulation. In this work, we...

Shell or Nothing: Real-World Benchmarks and Memory-Activated Agents for Automated Penetration Testing

Penetration testing is critical for identifying and mitigating security vulnerabilities, yet traditional approaches remain expensive, time-consuming, and dependent on expert human labor. Recent work has explored AI-driven pentesting agents, but their evaluation relies on oversimplified...

PatchSeeker: Mapping NVD Records to Their Vulnerability-Fixing Commits with LLM Generated Commits and Embeddings

Software vulnerabilities pose serious risks to modern software ecosystems. While the National Vulnerability Database NVD is the authoritative source for cataloging these vulnerabilities, it often lacks explicit links to the corresponding Vulnerability-Fixing Commits VFCs. VFCs encode precise code...

AgentSentinel: an End-To-End and Real-Time Security Defense Framework for Computer-Use Agents

Large Language Models LLMs have been increasingly integrated into computer-use agents, which can autonomously operate tools on a user's computer to accomplish complex tasks. However, due to the inherently unstable and unpredictable nature of LLM outputs, they may issue unintended tool commands or...