5445 matches found
groovestrike
GrooveStrike Autonomous Penetration Testing Framework...
Gray-Box Poisoning of Continuous Malware Ingestion Pipelines
Modern malware detection pipelines rely on continuous data ingestion and machine learning to counter the high volume of novel threats. This work investigates a realistic gray-box poisoning threat model targeting these pipelines. Using the secmlmalware framework, we generate problem-space...
SecureMCP: A Policy-Enforced LLM Data Access Framework for AIoT Systems Via Model Context Protocol
The deployment of Large Language Model LLM-generated SQL queries in Artificial Intelligence of Things AIoT systems introduces critical security risks, as prompt injection attacks can manipulate LLMs into producing unauthorized queries that expose sensitive data or execute destructive operations...
PT-2026-37460
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference can occur when filemap release folio is invoked on a folio belonging to a mapping with AS RELEASE ALWAYS set but without a defined release folio operation. In...
ARGUS: Defending LLM Agents against Context-Aware Prompt Injection
The rise of Large Language Model LLM agents, augmented with tool use, skills, and external knowledge, has introduced new security risks. Among them, prompt injection attacks, where adversaries embed malicious instructions into the agent workflow, have emerged as the primary threat. However,...
The Adversarial Discount - AI, Signal Correlation, and the Cybersecurity Arms Race
We study a contest-theoretic model of adversarial investment in which an attacker and a defender allocate resources to AI-augmented capabilities across multiple attack surfaces. The attacker's investment operates through two channels: it amplifies offensive potency unconditionally and erodes...
Stable Agentic Control: Tool-Mediated LLM Architecture for Autonomous Cyber Defense
Agentic systems involved in high-stake decision-making under adversarial pressure need formal guarantees not offered by existing approaches. Motivated by the operational needs of security operations centers SOCs that must configure endpoint detection and response EDR policies under adversarial...
Autonomous LLM Agent Worms: Cross-Platform Propagation, Automated Discovery and Temporal Re-Entry Defense
Autonomous LLM agents operate as long-running processes with persistent workspaces, memory files, scheduled task state, and messaging integrations. These features create a new propagation risk: attacker-influenced content can be written into persistent agent state, re-enter the LLM decision conte...
PIIGuard: Mitigating PII Harvesting under Adversarial Sanitization
Browsing-enabled LLM assistants can fetch webpages and answer contact-seeking queries, creating a practical channel for scraping contact-style personally identifiable information PII from public pages. Many prior defenses are deployed at the model, service, or agent layer rather than at the webpa...
CVE-2026-31431: Copy Fail vulnerability enables Linux root privilege escalation across cloud environments
In this article 1. Vulnerability details 2. Mitigation and protection guidance 3. Microsoft Defender XDR detections 4. References 5. Learn more Microsoft Defender is investigating a high-severity local privilege escalation vulnerability CVE-2026-31431 affecting multiple major Linux distributions...
Cisco Firepower Threat Defense (FTD) Software VPN DoS (cisco-sa-asaftd-vpn-dos-SpOFF2Re)
According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by a vulnerability. - A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an...
PT-2026-36320
Unauthenticated Cross Site Scripting XSS in Contact Form to Any API = 3.0.3 versions...
Cisco Firepower Threat Defense (FTD) Software TLS with Snort 3 Detection Engine DoS (cisco-sa-ftd-tcp-dos-rHfqnwRg)
According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by a vulnerability. - A vulnerability in the TLS processing feature of the Snort 3 detection engine of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote...
Cisco Adaptive Security Appliance (ASA) Software VPN DoS (cisco-sa-asaftd-vpn-dos-SpOFF2Re)
According to its self-reported version, Cisco ASA Software is affected by a vulnerability. - A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacke...
Cisco Firepower Threat Defense (FTD) Software OSPF DoS Vulnerabilities (cisco-sa-asaftd-ospf-ZH8PhbSW)
According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by multiple vulnerabilities. Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...
Cisco Firepower Threat Defense (FTD) Software IKEv2 DoS Vulnerabilities (cisco-sa-asaftd-ikev2-dos-eBueGdEG)
According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by multiple vulnerabilities. - A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a...
Security Attack and Defense Strategies for Autonomous Agent Frameworks: A Layered Review with OpenClaw As a Case Study
Autonomous agent frameworks built upon large language models LLMs are evolving into complex, tool-integrated, and continuously operating systems, introducing security risks beyond traditional prompt-level vulnerabilities. As this paradigm is still at an early stage of development, a timely and...
Secret Stealing Attacks on Local LLM Fine-Tuning through Supply-Chain Model Code Backdoors
Local fine-tuning datasets routinely contain sensitive secrets such as API keys, personal identifiers, and financial records. Although ''local offline fine-tuning'' is often viewed as a privacy boundary, we reveal that compromised model code is sufficient to steal them. Current passive...
TwinGate: Stateful Defense against Decompositional Jailbreaks in Untraceable Traffic Via Asymmetric Contrastive Learning
Decompositional jailbreaks pose a critical threat to large language models LLMs by allowing adversaries to fragment a malicious objective into a sequence of individually benign queries that collectively reconstruct prohibited content. In real-world deployments, LLMs face a continuous, untraceable...
Inside Shadow-Earth-053: A China-Aligned Cyberespionage Campaign Against Government and Defense Sectors in Asia
A China-aligned threat group is exploiting unpatched Microsoft Exchange vulnerabilities to conduct cyberespionage against government and critical infrastructure targets across Asia and beyond...