DHS Kept Chicago Police Records for Months in Violation of Domestic Espionage Rules
The Department of Homeland Security collected data on Chicago residents accused of gang ties to test if police files could feed an FBI watchlist. Months passed before anyone noticed it wasn’t deleted...
Automated Hardware Trojan Insertion in Industrial-Scale Designs
Industrial Systems-on-Chips (SoCs) often comprise hundreds of thousands to millions of nets and millions to tens of millions of connectivity edges, making empirical evaluation of hardware-Trojan (HT) detectors on realistic designs both necessary and difficult. Public benchmarks remain significantly...
Exploit for Missing Authorization in Valvepress Wordpress_Automatic_Plugin
CVE-2021-4374 Testing Environment Complete testing package fo...
pentest-scripts
Pentest Scripts - Unified Security Testing Framework 🎯 Qui...
Malicious code in wei516-ppa (PyPI)
Source: kam193 (1d5a85017b397970606b9d2d5150a6f6ee8f71fdbd810fe6b0a8f34c577d76d1). Package seems to provide an MCP server, but in fact contains attempts to make an LLM agent break safeguards. As the request is about leaves just a flag, it see...
CLSA-2025-1762537520 Fix CVE(s): CVE-2023-4408
SECURITY UPDATE: The DNS message parsing code in named includes a section whose computational complexity is overly high - debian/patches/CVE-2023-4408.patch: refactoring parsing code - debian/patches/CVE-2023-4408-1.patch: fix DNSSEC test suite - debian/libdns1100.symbols: some function...
Exploit for User Interface (UI) Misrepresentation of Critical Information in Microsoft
CVE-2025-9491 LNK Obfuscation PoC A proof-of-concept tool for...
ApexPlanet-Task5-capstone-webapp-pentest
🛡️ Capstone Project — Web Application & Network Penetration Test...
Quantifying the Risk of Transferred Black Box Attacks
Neural networks have become pervasive across various applications, including security-related products. However, their widespread adoption has heightened concerns regarding vulnerability to adversarial attacks. With emerging regulations and standards emphasizing security, organizations must...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990484)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990484 advisory. In the Linux kernel, the following vulnerability has been resolved: dm raid: fix accesses beyond end of raid member array On dm-raid table load using raidctr, dm-rai...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990620)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990620 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix hungtask for PADATARESET We found a hungtask bug in testaeadveccfg as...
Explaining Software Vulnerabilities with Large Language Models
The prevalence of security vulnerabilities has prompted companies to adopt static application security testing (SAST) tools for vulnerability detection. Nevertheless, these tools frequently exhibit usability limitations, as their generic warning messages do not sufficiently communicate important...
Exploit for Exposure of Resource to Wrong Sphere in Apache Http_Server
HTTP Request Smuggling Detection Tool This repository contain...
[SECURITY] Fedora 43 Update: python-inline-snapshot-0.30.1-1.fc43
Golden master/snapshot/approval testing library which puts the values right into your source code...
autottp
This is a Python wrapper for the PowerShell Empire API, a framework for penetration testing and red teaming. The wrapper provides a simple interface to interact with the Empire API, allowing users to automate tasks and sequences of actions. The wrapper is feature complete as of Empire 1.5.0 and...
Creating a Linux Application Using VSCodium, Cline, OpenRouter, and Claude
In March I created a Windows Application Using Visual Studio Code, Cline, OpenRouter, and Claude. This was a program that created square screen captures. The user doesn't need to manually ensure the dimensions are a square. The program makes the window grow and shrink while keeping the length equ...
vulnerable-network-inventory-php
Net Inventory System - Vulnerable Version ⚠️ ADVERTENCIA CR...
xss_test
It is an offensive tool for web application testing. The tool ta...
GHSA-FRHW-MQJ2-WXW2 vulnerabilities
Vulnerabilities for packages: stakater-reloader, timescaledb-tune, configmap-reload, cloud-provider-gcp-cloud-controller-manager, kwok, spqr, infinispan-operator, terraform-provider-kubernetes, ipfs-cluster, kaf, tekton-pipelines, swagger, rancher-helm, yunikorn-web, nuclei, grpc-health-probe,...
GHSA-FRHW-MQJ2-WXW2 vulnerabilities
Vulnerabilities for packages: pgwatch, stakater-reloader, vexctl, nsc-fips, vitess, cert-manager-cmctl, cyberark-secrets-provider-for-k8s-fips, cloudprober-fips, kapp-fips, knative-eventing, kube-state-metrics-fips, oras, db-operator-fips, crossplane-function-auto-ready, k6-operator-fips, mc,...