356 matches found
Demystifying Feature Engineering in Malware Analysis of API Call Sequences
Machine learning ML has been widely used to analyze API call sequences in malware analysis, which typically requires the expertise of domain specialists to extract relevant features from raw data. The extracted features play a critical role in malware analysis. Traditional feature extraction is...
EUVD-2025-198728
Malicious code in @actbase/react-native-less-transformer npm...
MAL-2025-190710 Malicious code in @actbase/react-native-less-transformer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06f669b015d3df7c500b192e927f2890c45ad45dafa608100da2146dca598efa The package @actbase/react-native-less-transformer was found to contain malicious code. Source: ghsa-malware...
Malicious code in @actbase/react-native-less-transformer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06f669b015d3df7c500b192e927f2890c45ad45dafa608100da2146dca598efa The package @actbase/react-native-less-transformer was found to contain malicious code. Source: ghsa-malware...
Collaborative research by Microsoft and NVIDIA on real-time immunity
AI-Powered Threats Demand AI-Powered Defense While AI supports growth and innovation, it is also reshaping how organizations address faster, more adaptive security risks. AI-driven security threats, including “vibe-hacking”, are evolving faster than traditional defenses can adapt. Attackers can n...
Collaborative research by Microsoft and NVIDIA on real-time immunity
AI-Powered Threats Demand AI-Powered Defense While AI supports growth and innovation, it is also reshaping how organizations address faster, more adaptive security risks. AI-driven security threats, including “vibe-hacking”, are evolving faster than traditional defenses can adapt. Attackers can n...
Explainable Transformer-Based Email Phishing Classification with Adversarial Robustness
Phishing and related cyber threats are becoming more varied and technologically advanced. Among these, email-based phishing remains the most dominant and persistent threat. These attacks exploit human vulnerabilities to disseminate malware or gain unauthorized access to sensitive information. Dee...
MAL-2025-141084 Malicious code in convict-promise-transform-weywot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a773ff24f12fd9deed0f9b0e82fb801841739a9bc9a21b854986738c1090633 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Taught by the Flawed: How Dataset Insecurity Breeds Vulnerable AI Code
AI programming assistants have demonstrated a tendency to generate code containing basic security vulnerabilities. While developers are ultimately responsible for validating and reviewing such outputs, improving the inherent quality of these generated code snippets remains essential. A key...
NVIDIA Megatron-LM 代码注入漏洞
NVIDIA Megatron-LM is a PyTorch-based distributed training framework from NVIDIA that is specifically designed for training large Transformer language models. NVIDIA Megatron-LM suffers from a code injection vulnerability that stems from scripts improperly handling malicious data, which could lea...
Hammering the Diagnosis: Rowhammer-Induced Stealthy Trojan Attacks on ViT-Based Medical Imaging
Vision Transformers ViTs have emerged as powerful architectures in medical image analysis, excelling in tasks such as disease detection, segmentation, and classification. However, their reliance on large, attention-driven models makes them vulnerable to hardware-level attacks. In this paper, we...
ABB CoreSense HM和ABB CoreSense M10 路径遍历漏洞
ABB CoreSense HM and ABB CoreSense M10 are both sensors that detect transformer oil from ABB Switzerland. A path traversal vulnerability exists in ABB CoreSense HM version 2.3.1 and earlier and ABB CoreSense M10 version 1.4.1.12 and earlier, which stems from an improperly restricted pathname and...
Can Transformer Memory Be Corrupted? Investigating Cache-Side Vulnerabilities in Large Language Models
Even when prompts and parameters are secured, transformer language models remain vulnerable because their key-value KV cache during inference constitutes an overlooked attack surface. This paper introduces Malicious Token Injection MTI, a modular framework that systematically perturbs cached key...
EUVD-2020-0368
Malware in sbrugna...
Towards Reliable and Practical LLM Security Evaluations Via Bayesian Modelling
Before adopting a new large language model LLM architecture, it is critical to understand vulnerabilities accurately. Existing evaluations can be difficult to trust, often drawing conclusions from LLMs that are not meaningfully comparable, relying on heuristic inputs or employing metrics that fai...
EUVD-2023-59684
Malicious code in bioql PyPI...
EUVD-2023-0381
Malicious code in bioql PyPI...
A Novel Unified Lightweight Temporal-Spatial Transformer Approach for Intrusion Detection in Drone Networks
The growing integration of drones across commercial, industrial, and civilian domains has introduced significant cybersecurity challenges, particularly due to the susceptibility of drone networks to a wide range of cyberattacks. Existing intrusion detection mechanisms often lack the adaptability,...
Self-Supervised Learning of Graph Representations for Network Intrusion Detection
Detecting intrusions in network traffic is a challenging task, particularly under limited supervision and constantly evolving attack patterns. While recent works have leveraged graph neural networks for network intrusion detection, they often decouple representation learning from anomaly detectio...
A Transformer-BiGRU-Based Framework with Data Augmentation and Confident Learning for Network Intrusion Detection
In today's fast-paced digital communication, the surge in network traffic data and frequency demands robust and precise network intrusion solutions. Conventional machine learning methods struggle to grapple with complex patterns within the vast network intrusion datasets, which suffer from data...