41 matches found
Backdoor Threats in Variational Quantum Circuits: Taxonomy, Attacks, and Defenses
Variational quantum algorithms (VQAs) are a central paradigm for noisy intermediate-scale (NISQ) quantum computing, yet their reliance on predesigned and pretrained variational quantum circuits (VQCs) introduces critical security vulnerabilities, particularly backdoor attacks. These attacks embed hidde...
Gravity Falls: A Comparative Analysis of Domain-Generation Algorithm (DGA) Detection Methods for Mobile Device Spearphishing
Mobile devices are frequent targets of eCrime threat actors through SMS spearphishing (smishing) links that leverage Domain Generation Algorithms (DGA) to rotate hostile infrastructure. Despite this, DGA research and evaluation largely emphasize malware C2 and email phishing datasets, leaving limited...
Trojans in Artificial Intelligence (TrojAI) Final Report
The Intelligence Advanced Research Projects Activity (IARPA) launched the TrojAI program to confront an emerging vulnerability in modern artificial intelligence: the threat of AI Trojans. These AI trojans are malicious, hidden backdoors intentionally embedded within an AI model that can cause a...
Exploit for CVE-2025-55182
CVE-2025-55182-RCE-shell Detection -dnslog DNSLog N...
Safe2Harm: Semantic Isomorphism Attacks for Jailbreaking Large Language Models
Large Language Models (LLMs) have demonstrated exceptional performance across various tasks, but their security vulnerabilities can be exploited by attackers to generate harmful content, causing adverse impacts across various societal domains. Most existing jailbreak methods revolve around Prompt...
WAInjectBench: Benchmarking Prompt Injection Detections for Web Agents
Multiple prompt injection attacks have been proposed against web agents. At the same time, various methods have been developed to detect general prompt injection attacks, but none have been systematically evaluated for web agents. In this work, we bridge this gap by presenting the first...
[Webinar] Shadow AI Agents Multiply Fast — Learn How to Detect and Control Them
⚠️ One click is all it takes. An engineer spins up an "experimental" AI Agent to test a workflow. A business unit connects to automate reporting. A cloud platform quietly enables a new agent behind the scenes. Individually, they look harmless. But together, they form an invisible swarm of Shadow A...
The Landscape of Memorization in LLMs: Mechanisms, Measurement, and Mitigation
Large Language Models (LLMs) have demonstrated remarkable capabilities across a wide range of tasks, yet they also exhibit memorization of their training data. This phenomenon raises critical questions about model behavior, privacy risks, and the boundary between learning and memorization. Addressi...
Hunting in the Dark: Metrics for Early Stage Traffic Discovery
Threat hunting is an operational security process where an expert analyzes traffic, applying knowledge and lightweight tools on unlabeled data in order to identify and classify previously unknown phenomena. In this paper, we examine threat hunting metrics and practice by studying the detection of...
Exploit for CVE-2025-49113
CVE-2025-49113 Scanner 🔍 Description A powerful, multi-me...
VideoMarkBench: Benchmarking Robustness of Video Watermarking
The rapid development of video generative models has led to a surge in highly realistic synthetic videos, raising ethical concerns related to disinformation and copyright infringement. Recently, video watermarking has been proposed as a mitigation strategy by embedding invisible marks into...
Server-Side Template Injection Vulnerabilities and Exploitation Techniques
Research article called Server-Side Template Injection (SSTI) Vulnerabilities and Exploitation Techniques. The paper provides a structured methodology for detecting and exploiting SSTI vulnerabilities across multiple template engines, along with real-world case studies and mitigation strategies...
Another Move in the Deepfake Creation/Detection Arms Race
Deepfakes are now mimicking heartbeats. In a nutshell: Recent research reveals that high-quality deepfakes unintentionally retain the heartbeat patterns from their source videos, undermining traditional detection methods that relied on detecting subtle skin color changes linked to heartbeats. The...
Data Encryption Battlefield: a Deep Dive into the Dynamic Confrontations in Ransomware Attacks
In the rapidly evolving landscape of cybersecurity threats, ransomware represents a significant challenge. Attackers increasingly employ sophisticated encryption methods, such as entropy reduction through Base64 encoding, and partial or intermittent encryption to evade traditional detection...
Exploit for CVE-2025-29927
CVE-2025-29927 Next.Js permission bypass vulnerability CVE-...
Steganography Explained: How XWorm Hides Inside Images
Inside the most innocent-looking image, a breathtaking landscape, or a funny meme, something dangerous could be hiding, waiting for its moment to strike. No strange file names. No antivirus warnings. Just a harmless picture, secretly concealing a payload that can steal data, execute malware, and...
Over 1000 Malicious Packages Found Exploiting Open-Source Platforms
Over 1,000 malicious packages found using low file counts, suspicious installs, and hidden APIs. Learn key detection methods…...
Researchers Expose NonEuclid RAT Using UAC Bypass and AMSI Evasion Techniques
Cybersecurity researchers have shed light on a new remote access trojan called NonEuclid that allows bad actors to remotely control compromised Windows systems. "The NonEuclid remote access trojan (RAT), developed in C, is a highly sophisticated malware offering unauthorised remote access with...
CISA and Partners Release Advisory on RansomHub Ransomware
Today, CISA—in partnership with the Federal Bureau of Investigation (FBI), Multi-State Information Sharing and Analysis Center (MS-ISAC), and Department of Health and Human Services (HHS)—released a joint Cybersecurity Advisory, StopRansomware: RansomHub Ransomware. This advisory provides network...
CISA and Partners Release Advisory on Threat Actors Exploiting Ivanti Connect Secure and Policy Secure Gateways Vulnerabilities
Today, CISA and the following partners released joint Cybersecurity Advisory Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways: Federal Bureau of Investigation (FBI); Multi-State Information Sharing & Analysis Center (MS-ISAC); Australian Signals...