29 matches found
[SECURITY] Fedora 42 Update: apptainer-1.5.0-1.fc42
Apptainer provides functionality to make portable containers that can be used across host environments...
AI-Driven Security Alert Screening and Alert Fatigue Mitigation in Security Operations Centers: A Comprehensive Survey
Security alert screening is the downstream task of filtering, prioritizing, correlating, and contextualizing alerts for analyst attention in Security Operations Centers. This survey reviews artificial-intelligence-driven alert screening and alert-fatigue mitigation from 2015 to 2026. We synthesiz...
CSTS: A Canonical Security Telemetry Substrate for AI-Native Cyber Detection
AI-driven cybersecurity systems often fail under cross-environment deployment due to fragmented, event-centric telemetry representations. We introduce the Canonical Security Telemetry Substrate CSTS, an entity-relational abstraction that enforces identity persistence, typed relationships, and...
Everyday tools, extraordinary crimes: the ransomware exfiltration playbook
Data exfiltration activity increasingly leverages legitimate native utilities, commonly deployed third-party tools, and cloud service clients, reducing the effectiveness of static indicators of compromise IOCs and tool-based blocking strategies. The Exfiltration Framework systematically normalize...
DREAM: Dynamic Red-Teaming across Environments for AI Models
Large Language Models LLMs are increasingly used in agentic systems, where their interactions with diverse tools and environments create complex, multi-stage safety challenges. However, existing benchmarks mostly rely on static, single-turn assessments that miss vulnerabilities from adaptive,...
Managed TLS under Migration: Authentication Authority across CDN and Hosting Transitions
Managed TLS has become a common approach for deploying HTTPS, with platforms generating and storing private keys and automating certificate issuance on behalf of domain operators. This model simplifies operational management but shifts control of authentication material from the domain owner to t...
EUVD-2025-177802
Malicious code in miranda-native-cross-env-oauth npm...
EUVD-2025-178737
Malicious code in genomics-biohacking-xanadu-cross-env npm...
EUVD-2025-179495
Malicious code in cross-env-vega-native-blazar npm...
EUVD-2025-177949
Malicious code in markdown-pdf-jsonp-brane-cross-env npm...
Malicious code in unuk-schema-cross-env-browserify (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a284a163b533011f80b6796a04ffc656782019c6c3bff8d63b9b8bf081c1baa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-116072
Malicious code in blaze-release-it-cross-env-yakutsk npm...
EUVD-2025-111804
Malicious code in less-cross-env-enif-pm2 npm...
MAL-2025-141249 Malicious code in cross-env-betelgeuse-pm2-mongoose (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a127b38dc2df9361abb4033f5f1d96762668df04c6aaaf121099671b7d19dc4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-116543
Malicious code in aquarius-webdriver-mocha-hyperion-cross-env npm...
EUVD-2025-114837
Malicious code in cross-env-semantic-ui-dependencies-europa npm...
EUVD-2025-112801
Malicious code in hermes-cross-env-quasar-duplex npm...
EUVD-2025-121547
Malicious code in superagent-cross-env-csv-nodemon npm...
EUVD-2025-112649
Malicious code in hyperion-aldebaran-node-config-cross-env npm...
EUVD-2025-115154
Malicious code in commitlint-blaze-rollup-cross-env npm...