151 matches found
CVE-2026-9263
The Zephyr Bluetooth controller ISO Adaptation Layer subsys/bluetooth/controller/llsw/isoal.c fails to validate the length field of a framed ISO PDU start segment. Per the Bluetooth specification a start segment sc=0 always carries a 3-byte timeoffset, so its segment-header len must be at least...
OffSploit
OffSploit: Autonomous Exploit Adaptation & C2 Framework !Py...
RISC-V-In-Proactive-computer-Security-PCS-
Exploring RISC-V in Proactive Computer Security PCS PUK pro...
On the Study of Biometric Spoofing Detection Using Deep Learning
Biometric systems are increasingly deployed in security applications; however, they remain vulnerable to spoofing attacks, in which attackers exploit counterfeit biometric data to gain unauthorized access. This research evaluates the effectiveness of state-of-the-art machine learning models,...
RadKey: An LLM-Guided RF Backscatter System for Through-Wall Keystroke Inference
In today's digitally connected world, keyboards remain the primary interface for inputting sensitive information, making them a persistent target for eavesdropping attacks. While prior keystroke inference techniques have exploited side-channel signals such as acoustics and vibrations, they...
GETA: Generalized Encrypted Traffic Analysis
Traditional traffic analysis is being fundamentally challenged by the rapid adoption of encryption, tunnelling, and privacy-preserving protocols, which increasingly obscure packet payloads and limit the usefulness of Deep Packet Inspection DPI. Although machine learning has advanced encrypted...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fix for u8 overflow By continuously sending L2CAPCONFREQ packets, chan-numconfrsp increases multiple times, eventually exceeding the maximum number i.e., 255. This patch prevents this issue by adding a bounda...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/sctp: A null dereference in the sctpdisposition sctpsfdo51Dce function has been fixed. If newasoc-peer.adaptationind=0, sctpulpeventmakeauthkey=0, and sctpulpeventmakeauthkey returns 0, then the variable aiev remains zero, an...
Ablating Safety: Mechanisms for Removing Alignment in Language Models for Security Applications
Safety-aligned language models often refuse cybersecurity requests whose wording resembles misuse, even when the task is authorized and defensive. This makes security evaluation ambiguous: a failed answer may reflect missing capability or refusal-policy intervention. Ablating Safety studies...
Threat Modelling Using Domain-Adapted Language Models: Empirical Evaluation and Insights
Large Language ModelsLLMs are increasingly explored for cybersecurity applications such as vulnerability detection. In the domain of threat modelling, prior work has primarily evaluated a number of general-purpose Large Language Models under limited prompting settings. In this study, we extend th...
OpenSOC-AI: Democratizing Security Operations with Parameter Efficient LLM Log Analysis
Small and medium sized businesses SMBs face an escalating cybersecurity threat landscape, yet most lack the resources to staff full Security Operations Centers SOCs or deploy enterprise grade detection platforms. This paper presents OpenSOC-AI, a lightweight log analysis framework that uses...
DP-FlogTinyLLM: Differentially Private Federated Log Anomaly Detection Using Tiny LLMs
Modern distributed systems generate massive volumes of log data that are critical for detecting anomalies and cyber threats. However, in real world settings, these logs are often distributed across multiple organizations and cannot be centralized due to privacy and security constraints. Existing...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013106)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013106 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sctp: fix a null dereference in sctpdisposition sctpsfdo51Dce If newasoc-peer.adaptationind=0...
Can Drift-Adaptive Malware Detectors Be Made Robust? Attacks and Defenses under White-Box and Black-Box Threats
Concept drift and adversarial evasion are two major challenges for deploying machine learning-based malware detectors. While both have been studied separately, their combination, the adversarial robustness of drift-adaptive detectors, remains unexplored. We address this problem with AdvDA, a rece...
CVE-2026-23462
A flaw was found in the Linux kernel's Bluetooth subsystem HIDP. A local attacker can exploit a use-after-free vulnerability by failing to properly drop a reference to an L2CAP Logical Link Control and Adaptation Protocol connection during a user removal callback. This memory corruption flaw may...
SUSE CVE-2026-23395
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix accepting multiple L2CAPECREDCONNREQ Currently the code attempts to accept requests regardless of the command identifier which may cause multiple requests to be marked as pending FLAGDEFERSETUP which can cau...
Collaborative Zone-Adaptive Zero-Day Intrusion Detection for IoBT
The Internet of Battlefield Things IoBT relies on heterogeneous, bandwidth-constrained, and intermittently connected tactical networks that face rapidly evolving cyber threats. In this setting, intrusion detection cannot depend on continuous central collection of raw traffic due to disrupted link...
In-Context Autonomous Network Incident Response: An End-To-End Large Language Model Agent Approach
Rapidly evolving cyberattacks demand incident response systems that can autonomously learn and adapt to changing threats. Prior work has extensively explored the reinforcement learning approach, which involves learning response strategies through extensive simulation of the incident. While this...
LoRA-Based Parameter-Efficient LLMs for Continuous Learning in Edge-Based Malware Detection
The proliferation of edge devices has created an urgent need for security solutions capable of detecting malware in real time while operating under strict computational and memory constraints. Recently, Large Language Models LLMs have demonstrated remarkable capabilities in recognizing complex...
Lightweight LLMs for Network Attack Detection in IoT Networks
The rapid growth of Internet of Things IoT devices has increased the scale and diversity of cyberattacks, exposing limitations in traditional intrusion detection systems. Classical machine learning ML models such as Random Forest and Support Vector Machine perform well on known attacks but requir...