44 matches found
Building an Agentic Cloud Security Ecosystem: A Reference Architecture with Wiz MCP and Infosys Cyber Next
Coordinated Multi-Agent Investigation and Remediation...
Multi-Agent End-To-End Vulnerability Management for Mitigating Recurring Vulnerabilities
Software vulnerability management has become increasingly critical as modern systems scale in size and complexity. However, existing automated approaches remain insufficient. Traditional static analysis methods struggle to precisely capture contextual dependencies, especially when vulnerabilities...
CHASE: LLM Agents for Dissecting Malicious PyPI Packages
Modern software package registries like PyPI have become critical infrastructure for software development, but are increasingly exploited by threat actors distributing malicious packages with sophisticated multi-stage attack chains. While Large Language Models LLMs offer promising capabilities fo...
An Empirical Evaluation of LLM-Based Approaches for Code Vulnerability Detection: RAG, SFT, and Dual-Agent Systems
The rapid advancement of Large Language Models LLMs presents new opportunities for automated software vulnerability detection, a crucial task in securing modern codebases. This paper presents a comparative study on the effectiveness of LLM-based techniques for detecting software vulnerabilities...
EUVD-2025-20748
Malicious code in bioql PyPI...
FalseCrashReducer: Mitigating False Positive Crashes in OSS-Fuzz-Gen Using Agentic AI
Fuzz testing has become a cornerstone technique for identifying software bugs and security vulnerabilities, with broad adoption in both industry and open-source communities. Directly fuzzing a function requires fuzz drivers, which translate random fuzzer inputs into valid arguments for the target...
MAVUL: Multi-Agent Vulnerability Detection Via Contextual Reasoning and Interactive Refinement
The widespread adoption of open-source software OSS necessitates the mitigation of vulnerability risks. Most vulnerability detection VD methods are limited by inadequate contextual understanding, restrictive single-round interactions, and coarse-grained evaluations, resulting in undesired model...
PhishLumos: an Adaptive Multi-Agent System for Proactive Phishing Campaign Mitigation
Phishing attacks are a significant societal threat, disproportionately harming vulnerable populations and eroding trust in essential digital services. Current defenses are often reactive, failing against modern evasive tactics like cloaking that conceal malicious content. To address this, we...
XOffense: an AI-Driven Autonomous Penetration Testing Framework with Offensive Knowledge-Enhanced LLMs and Multi Agent Systems
This work introduces xOffense, an AI-driven, multi-agent penetration testing framework that shifts the process from labor-intensive, expert-driven manual efforts to fully automated, machine-executable workflows capable of scaling seamlessly with computational infrastructure. At its core, xOffense...
SV-LLM: an Agentic Approach for SoC Security Verification Using Large Language Models
Ensuring the security of complex system-on-chips SoCs designs is a critical imperative, yet traditional verification techniques struggle to keep pace due to significant challenges in automation, scalability, comprehensiveness, and adaptability. The advent of large language models LLMs, with their...
IP Leakage Attacks Targeting LLM-Based Multi-Agent Systems
The rapid advancement of Large Language Models LLMs has led to the emergence of Multi-Agent Systems MAS to perform complex tasks through collaboration. However, the intricate nature of MAS, including their architecture and agent interactions, raises significant concerns regarding intellectual...
MultiPhishGuard: an LLM-Based Multi-Agent System for Phishing Email Detection
Phishing email detection faces critical challenges from evolving adversarial tactics and heterogeneous attack patterns. Traditional detection methods, such as rule-based filters and denylists, often struggle to keep pace with these evolving tactics, leading to false negatives and compromised...
PandaGuard: Systematic Evaluation of LLM Safety against Jailbreaking Attacks
Large language models LLMs have achieved remarkable capabilities but remain vulnerable to adversarial prompts known as jailbreaks, which can bypass safety alignment and elicit harmful outputs. Despite growing efforts in LLM safety research, existing evaluations are often fragmented, focused on...
LibVulnWatch: a Deep Assessment Agent System and Leaderboard for Uncovering Hidden Vulnerabilities in Open-Source AI Libraries
Open-source AI libraries are foundational to modern AI systems but pose significant, underexamined risks across security, licensing, maintenance, supply chain integrity, and regulatory compliance. We present LibVulnWatch, a graph-based agentic assessment framework that performs deep,...
Automating Function-Level TARA for Automotive Full-Lifecycle Security
As modern vehicles evolve into intelligent and connected systems, their growing complexity introduces significant cybersecurity risks. Threat Analysis and Risk Assessment TARA has therefore become essential for managing these risks under mandatory regulations. However, existing TARA automation...
idcCMS 安全漏洞
Net Titanium Technology idcCMS Net Titanium IDC Cloud Management Agent System is a cloud management agent system from China's Net Titanium Technology. A security vulnerability exists in version V1.35 of idcCMS, which originates from admin/tplSysdeal.php and contains a cross-site request forgery...
Mail.ru: [ICQ] nwwwstg-d01.ops.icq.com check mk agent exposed to public
System information disclose on nwwwstg-d01.ops.icq.com...
Rae Media Real Estate Multi Agent SQL Injection Vulnerability
No description provided by source. Source: http://www.securityfocus.com/bid/45212/discuss Multi Agent System is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
Multi Agent System city. asp SQL injection vulnerability and fix-vulnerability warning-the black bar safety net
Author: R4dc0re Information Description: a Multi-Agent System of the city. asp the reason there may be the use ofSQL injectionis due to this file and there is insufficient filtering of user requests query caused. The use of this vulnerability may allow an attacker to use to the server application...
Rae Media Real Estate Multi Agent SQL Injection Vulnerability
Exploit for asp platform in category web applications Multi Agent System is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or...