12957 matches found
fuzzing-portfolio-project
Fuzzing Portfolio Project: Heap Overflow Discovery Author:...
kog-bonds-poc
KOG Bonds POC Agent Complete proof-of-concept demonstrating e...
SoK: DARPA'S AI Cyber Challenge (AIxCC): Competition Design, Architectures, and Lessons Learned
DARPA's AI Cyber Challenge AIxCC, 2023--2025 is the largest competition to date for building fully autonomous cyber reasoning systems CRSs that leverage recent advances in AI -- particularly large language models LLMs -- to discover and remediate vulnerabilities in real-world open-source software...
iPhone Lockdown Mode Protects Washington Post Reporter
404Media is reporting that the FBI could not access a reporter's iPhone because it had Lockdown Mode enabled: The court record shows what devices and data the FBI was able to ultimately access, and which devices it could not, after raiding the home of the reporter, Hannah Natanson, in January as...
Malicious code in @sporting-life/sportinglife-betslip-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03ea37f49a71528d3b04ca0f85062647957839058cc40ad9ce8d1a60a1dd51c6 The package @sporting-life/sportinglife-betslip-sdk was found to contain malicious code. Source: ghsa-malware...
MAL-2026-786 Malicious code in @rsgweb/locale-tools (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b1882e2ffa769f9383127f2bfc582935b3bb1145e172eb6941a0276989a983f The package @rsgweb/locale-tools was found to contain malicious code. Source: ghsa-malware...
Malicious code in @rsgweb/locale-tools (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b1882e2ffa769f9383127f2bfc582935b3bb1145e172eb6941a0276989a983f The package @rsgweb/locale-tools was found to contain malicious code. Source: ghsa-malware...
CVE-2024-40685
IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery CSRF vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions...
Malicious code in ethers-lint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 315365a10d9e3322792c18bdb8c5a8e620bbcc2a9ad8d5a1d5ef139ef6e47777 The package ethers-lint was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-773 Malicious code in ethers-lint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 315365a10d9e3322792c18bdb8c5a8e620bbcc2a9ad8d5a1d5ef139ef6e47777 The package ethers-lint was found to contain malicious code. Source: ossf-package-analysis...
Ethical-Hacking-Tools-Level2
🛡️ Cybersecurity & Python Portfolio - Level 2 Author: Pa...
MAL-2026-770 Malicious code in xpack-per-user (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd02e72044e1a432dd520594d89d568cdd80feaef160f24160f04cc549662c08 The package xpack-per-user was found to contain malicious code. Source: ghsa-malware 1182af58fca66833bb4a361e986f5ba960d9e9ab320cd787464bda92246392fb...
Malicious code in conp-dats-editor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adac2b3e811707a0113ec1484330ebada12a632966c81143eab49233e87cabbf The package conp-dats-editor was found to contain malicious code. Source: ossf-package-analysis...
EUVD-2024-55398
IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery CSRF vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions...
Identifying Adversary Tactics and Techniques in Malware Binaries with an LLM Agent
Understanding TTPs Tactics, Techniques, and Procedures in malware binaries is essential for security analysis and threat intelligence, yet remains challenging in practice. Real-world malware binaries are typically stripped of symbols, contain large numbers of functions, and distribute malicious...
Persistent Human Feedback, LLMs, and Static Analyzers for Secure Code Generation and Vulnerability Detection
Existing literature heavily relies on static analysis tools to evaluate LLMs for secure code generation and vulnerability detection. We reviewed 1,080 LLM-generated code samples, built a human-validated ground-truth, and compared the outputs of two widely used static security tools, CodeQL and...
Semi-Device-Independent Quantum Random Number Generator Resistant to General Attacks
Quantum random number generators QRNGs produce true random numbers based on the inherent randomness of quantum theory, rendering them a foundational segment of quantum cryptography. Distinguished from trusted-device QRNGs whose security depends on characterized devices, semi-device-independent...
CVE-2024-40685
IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery CSRF vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions...
CVE-2024-40685 IBM Operations Analytics - Log Analysis is affected by CSRF Token Replay Attack
IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery CSRF vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions...
CVE-2024-40685 IBM Operations Analytics - Log Analysis is affected by CSRF Token Replay Attack
IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery CSRF vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions...