5446 matches found
netfoil's optional seccomp sandboxing was not applied
Summary The optional flag --filter-system-calls was not applied even if specified. Details This is a defense in depth feature to apply additional seccomp filters after the binary has started. The example config also sandboxes the binary with systemd. Impact Reduced sandboxing of the netfoil binar...
8 best practices for CISOs conducting risk reviews
The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...
Safeguarding Skies: Airport Cybersecurity in the Digital Age
The aviation industry faces significant vulnerabilities from both physical and cybersecurity threats, highlighting the urgent need for enhanced cybersecurity measures amid increasingly sophisticated attacks. This paper systematically reviews emerging threats at airports, analyzing real-world...
Evaluation of Prompt Injection Defenses in Large Language Models
LLM-powered applications routinely embed secrets in system prompts, yet models can be tricked into revealing them. We built an adaptive attacker that evolves its strategies over hundreds of rounds and tested it against nine defense configurations across more than 20,000 attacks. Every defense tha...
CVE-2026-22746
A flaw was found in Spring Security. If an application uses the UserDetailsisEnabled, isAccountNonExpired, or isAccountNonLocked user attributes, an attacker can bypass the DaoAuthenticationProvider's timing attack defense. This bypass allows an attacker to potentially gain limited information...
From Stateless Queries to Autonomous Actions: A Layered Security Framework for Agentic AI Systems
Agentic AI systems face security challenges that stateless large language models do not. They plan across extended horizons, maintain persistent memory, invoke external tools, and coordinate with peer agents. Existing security analyses organize threats by attack type prompt injection, jailbreakin...
UNSEEN: A Cross-Stack LLM Unlearning Defense against AR-LLM Social Engineering Attacks
Emerging AR-LLM-based Social Engineering attack e.g., SEAR is at the edge of posing great threats to real-world social life. In such AR-LLM-SE attack, the attacker can leverage AR Augmented Reality glass to capture the image and vocal information of the target, using the LLM to identify the targe...
NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software
The Office of Inspector General OIG of the U.S. National Aeronautics and Space Administration NASA has revealed how a Chinese national posed as a U.S. researcher as part of a spear-phishing campaign to obtain sensitive information from the space agency, as well as from government entities,...
CVE-2026-41338 OpenClaw < 2026.3.31 - Time-of-Check-Time-of-Use (TOCTOU) Vulnerability in Sandbox File Operations
OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file operations that allows attackers to bypass fd-based defenses. Attackers can exploit check-then-act patterns in applypatch, remove, and mkdir operations to manipulate files between validation and execution...
SpiceJet Online Booking System
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network exposure for all...
Milesight Cameras
RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed or allow remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network exposure...
Intrado 911 Emergency Gateway (EGW)
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read, modify, or delete files. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all control...
Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to bypass authentication and have remote access to sensitive information on the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...
Transient Turn Injection: Exposing Stateless Multi-Turn Vulnerabilities in Large Language Models
Large language models LLMs are increasingly integrated into sensitive workflows, raising the stakes for adversarial robustness and safety. This paper introduces Transient Turn InjectionTTI, a new multi-turn attack technique that systematically exploits stateless moderation by distributing...
ID-Eraser: Proactive Defense against Face Swapping Via Identity Perturbation
Deepfake technologies have rapidly advanced with modern generative AI, and face swapping in particular poses serious threats to privacy and digital security. Existing proactive defenses mostly rely on pixel-level perturbations, which are ineffective against contemporary swapping models that extra...
PT-2026-34454
Name of the Vulnerable Software and Affected Versions Ollama affected versions not specified Description An out-of-bounds memory read and write issue exists in the GGUF GPT-Generated Unified Format quantization engine. This occurs because the engine lacks proper bounds checking and trusts tensor...
Spring Security 安全漏洞
Spring Security is a security framework developed by Spring OpenSource that includes authentication and authorization features. There are security vulnerabilities in versions of Spring Security 5.7.22 and earlier, 5.8.24 and earlier, 6.3.15 and earlier, 6.5.9 and earlier, and 7.0.4 and earlier...
openSUSE 16 Security Update : tor (openSUSE-SU-2026:20589-1)
The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20589-1 advisory. Changes in tor: - update to 0.4.8.23: Fix a memory compare using the wrong length. This could lead to a remote crash when using the conflux subsystem...
Cyber Defense Benchmark: Agentic Threat Hunting Evaluation for LLMs in SecOps
We introduce the Cyber Defense Benchmark, a benchmark for measuring how well large language model LLM agents perform the core SOC analyst task of threat hunting: given a database of raw Windows event logs with no guided questions or hints, identify the exact timestamps of malicious events. The...
OPENSUSE-SU-2026:20589-1 Security update for tor
This update for tor fixes the following issues: Changes in tor: - update to 0.4.8.23: Fix a memory compare using the wrong length. This could lead to a remote crash when using the conflux subsystem TROVE-2026-004, boo1262302 Fix a series of defense in depth security issues found across the codeba...