5424 matches found
When prompts become shells: RCE vulnerabilities in AI agent frameworks
In this article 1. A representative case study: Semantic Kernel 2. CVE-2026-26030: In-Memory Vector Store 3. CVE-2026-25592: Arbitrary file write through SessionsPythonPlugin 4. The vulnerability 5. Attack chain overview 6. Defending the agentic edge 7. Not bugs, but developed by design 8. CTF...
Gotenberg has a Server-Side Request Forgery (SSRF) Issue
Summary The SSRF hardening shipped in v8.31.0 only covers outbound URLs that Gotenberg's Go code handles — Chromium asset fetches, webhook delivery, and download-from. The LibreOffice conversion endpoint /forms/libreoffice/convert passes uploaded documents directly to LibreOffice without inspecti...
groovestrike
GrooveStrike Autonomous Penetration Testing Framework...
PT-2026-37460
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference can occur when filemap release folio is invoked on a folio belonging to a mapping with AS RELEASE ALWAYS set but without a defined release folio operation. In...
SecureMCP: A Policy-Enforced LLM Data Access Framework for AIoT Systems Via Model Context Protocol
The deployment of Large Language Model LLM-generated SQL queries in Artificial Intelligence of Things AIoT systems introduces critical security risks, as prompt injection attacks can manipulate LLMs into producing unauthorized queries that expose sensitive data or execute destructive operations...
Gray-Box Poisoning of Continuous Malware Ingestion Pipelines
Modern malware detection pipelines rely on continuous data ingestion and machine learning to counter the high volume of novel threats. This work investigates a realistic gray-box poisoning threat model targeting these pipelines. Using the secmlmalware framework, we generate problem-space...
ARGUS: Defending LLM Agents against Context-Aware Prompt Injection
The rise of Large Language Model LLM agents, augmented with tool use, skills, and external knowledge, has introduced new security risks. Among them, prompt injection attacks, where adversaries embed malicious instructions into the agent workflow, have emerged as the primary threat. However,...
The Adversarial Discount - AI, Signal Correlation, and the Cybersecurity Arms Race
We study a contest-theoretic model of adversarial investment in which an attacker and a defender allocate resources to AI-augmented capabilities across multiple attack surfaces. The attacker's investment operates through two channels: it amplifies offensive potency unconditionally and erodes...
Stable Agentic Control: Tool-Mediated LLM Architecture for Autonomous Cyber Defense
Agentic systems involved in high-stake decision-making under adversarial pressure need formal guarantees not offered by existing approaches. Motivated by the operational needs of security operations centers SOCs that must configure endpoint detection and response EDR policies under adversarial...
Autonomous LLM Agent Worms: Cross-Platform Propagation, Automated Discovery and Temporal Re-Entry Defense
Autonomous LLM agents operate as long-running processes with persistent workspaces, memory files, scheduled task state, and messaging integrations. These features create a new propagation risk: attacker-influenced content can be written into persistent agent state, re-enter the LLM decision conte...
PIIGuard: Mitigating PII Harvesting under Adversarial Sanitization
Browsing-enabled LLM assistants can fetch webpages and answer contact-seeking queries, creating a practical channel for scraping contact-style personally identifiable information PII from public pages. Many prior defenses are deployed at the model, service, or agent layer rather than at the webpa...
CVE-2026-31431: Copy Fail vulnerability enables Linux root privilege escalation across cloud environments
In this article 1. Vulnerability details 2. Mitigation and protection guidance 3. Microsoft Defender XDR detections 4. References 5. Learn more Microsoft Defender is investigating a high-severity local privilege escalation vulnerability CVE-2026-31431 affecting multiple major Linux distributions...
PT-2026-36320
Unauthenticated Cross Site Scripting XSS in Contact Form to Any API = 3.0.3 versions...
Cisco Firepower Threat Defense (FTD) Software OSPF DoS Vulnerabilities (cisco-sa-asaftd-ospf-ZH8PhbSW)
According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by multiple vulnerabilities. Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...
Cisco Adaptive Security Appliance (ASA) Software VPN DoS (cisco-sa-asaftd-vpn-dos-SpOFF2Re)
According to its self-reported version, Cisco ASA Software is affected by a vulnerability. - A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacke...
Cisco Firepower Threat Defense (FTD) Software IKEv2 DoS Vulnerabilities (cisco-sa-asaftd-ikev2-dos-eBueGdEG)
According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by multiple vulnerabilities. - A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a...
Cisco Firepower Threat Defense (FTD) Software VPN DoS (cisco-sa-asaftd-vpn-dos-SpOFF2Re)
According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by a vulnerability. - A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an...
Cisco Firepower Threat Defense (FTD) Software TLS with Snort 3 Detection Engine DoS (cisco-sa-ftd-tcp-dos-rHfqnwRg)
According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by a vulnerability. - A vulnerability in the TLS processing feature of the Snort 3 detection engine of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote...
Inside Shadow-Earth-053: A China-Aligned Cyberespionage Campaign Against Government and Defense Sectors in Asia
A China-aligned threat group is exploiting unpatched Microsoft Exchange vulnerabilities to conduct cyberespionage against government and critical infrastructure targets across Asia and beyond...
Secret Stealing Attacks on Local LLM Fine-Tuning through Supply-Chain Model Code Backdoors
Local fine-tuning datasets routinely contain sensitive secrets such as API keys, personal identifiers, and financial records. Although ''local offline fine-tuning'' is often viewed as a privacy boundary, we reveal that compromised model code is sufficient to steal them. Current passive...