Can LLMs Hack Enterprise Networks? -- Replicated Computational Results (RCR) Report

This is the Replicated Computational Results RCR Report for the paper "Can LLMs Hack Enterprise Networks?" The paper empirically investigates the efficacy and effectiveness of different LLMs for penetration-testing enterprise networks, i.e., Microsoft Active Directory Assumed-Breach Simulations...

MAL-2026-1095 Malicious code in jquery-display (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0873d8250c8747e1115c2866076509122f7e9ea8f4dde4dca4920d0f31f4874 The package jquery-display was found to contain malicious code. Source: ossf-package-analysis...

Power Network SCADA Quantum Communications: A Comparison of BB84, B92, E91, and SGS04 Quantum Key Distribution Protocols

The current state, emerging trends, and practical challenges of optical fiber-based power network SCADA quantum communication must be addressed to fully utilise the technological platform's potential in real-world power system SCADA communications involving massive volumes of real-time data, as...

Malicious code in bps-design-system (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f41e4d6abfba5f03e914140b0b171314ef8a614e3e03ff9685325532260a745 The package bps-design-system was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-1083 Malicious code in dc-mobx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df9e2dd1e6518d1399b40b444e58b1df6e1b73c5b7537390ba5950221b7835c0 The package dc-mobx was found to contain malicious code. Source: ghsa-malware 7ed4c54f4caa51eaa254af92038fe2e076f7dbe16e0067d481d9aa89925e3ec4 Any...

EUVD-2026-9078

malcontent: Nested archive extraction failure can drop content from scan inputs...

ch.acanda.maven:code-analysis-maven-plugin (>=1.6.0 <=1.27.0), com.jpinpoint.sonar:sonar-pmd-jpinpoint (>=2.0.0 <=2.1.1) +116 more potentially affected by CVE-2026-28338 via net.sourceforge.pmd:pmd-core (>=7.0.0-rc1 <=7.21.0)

net.sourceforge.pmd:pmd-core MAVEN version =7.0.0-rc1, =1.6.0, =2.0.0, =0.25.1, =0.25.1, =1.0.0, =0.5.6, =0.5.41, =12.2.0, =3.31.0, =0.7.0, =0.67.2, =0.67.2, =2.0.0, =0.1.0, =0.1.19 and more Source cves: CVE-2026-28338 Source advisory: SNYK:JAVA-NETSOURCEFORGEPMD-15365925...

CVE-2026-28407

malcontent is software for discovering supply-chain compromises through context, differential analysis, and YARA. Prior to version 1.21.0, malcontent would remove nested archives which failed to extract which could potentially leave malicious content. A better approach is to preserve these archiv...

CVE-2026-28407 malcontent's nested archive extraction failure can drop content from scan inputs

malcontent is software for discovering supply-chain compromises through context, differential analysis, and YARA. Prior to version 1.21.0, malcontent would remove nested archives which failed to extract which could potentially leave malicious content. A better approach is to preserve these archiv...

CVE-2026-28338

PMD is affected in versions prior to 7.22.0 where the legacy report formats vbhtml and yahtml insert rule-violation messages into HTML without escaping, causing potential cross-site scripting if untrusted source code contains crafted strings. The vulnerability does not affect the default html for...

Malicious code in @zinley/orion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb5209e6394eac2659ab3101809c2a59bf59a604346075a9d923de21d982812e The package @zinley/orion was found to contain malicious code. Source: ossf-package-analysis...

Formal Analysis and Supply Chain Security for Agentic AI Skills

The rapid proliferation of agentic AI skill ecosystems -- exemplified by OpenClaw 228,000 GitHub stars and Anthropic Agent Skills 75,600 stars -- has introduced a critical supply chain attack surface. The ClawHavoc campaign January-February 2026 infiltrated over 1,200 malicious skills into the...

PT-2026-22398

Name of the Vulnerable Software and Affected Versions PMD versions prior to 7.22.0 Description PMD, a static code analyzer, contains a flaw where its vbhtml and yahtml report formats do not properly escape characters when inserting rule violation messages into HTML output. Analyzing untrusted...

Exploring Robust Intrusion Detection: A Benchmark Study of Feature Transferability in IoT Botnet Attack Detection

Cross-domain intrusion detection remains a critical challenge due to significant variability in network traffic characteristics and feature distributions across environments. This study evaluates the transferability of three widely used flow-based feature sets Argus, Zeek and CICFlowMeter across...

MAL-2026-1050 Malicious code in launch-darkly-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b23f579bd6a28b963c5574bfb9148b80de6e59d96c6cb0d10f4d2a35d4c010ac The package launch-darkly-js was found to contain malicious code. Source: ghsa-malware e7a7ecd2770ab8b028a7d1fc05847c7049e1f276886eafb32222fcb81b1d79...

Malicious code in hardhat-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64850c9938e9fa6cb3e89f001306cc9906dd810b24573bd990d1cafc92893df2 The package hardhat-node was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-1051 Malicious code in corstoken (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0d343f604565676254c8b24e997c84396038593cf5259c15d044ec3c5ab3350 The package corstoken was found to contain malicious code. Source: ghsa-malware d7d7cc0fd416fdcbdfe3517bbfd1ffec7e67ce88349fb17ddd2b22e408f740ed Any...

MAL-2026-1038 Malicious code in promanage (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34866a6d91e495c7692a123d4f1b31f1a98cf793744c4649f92eccf97d43ee9b The package promanage was found to contain malicious code. Source: ghsa-malware 55e3f919d2876892f9e686ad04eb2e38c1f5fdb1e3d93f39fc306563d9a4fa18 Any...

MAL-2026-1043 Malicious code in uuindex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a373d8c2c653d1b6effee8ff65bba442fcf08d7eea88ec95707680697385646 The package uuindex was found to contain malicious code. Source: ghsa-malware 47c06a7b235c91fbc08cc942c69f1e05ecdb8093c9658bd5ade2b8866cc33f4c Any...

Why Intelligent Contract Solutions Are Replacing Traditional CLM Systems

Intelligent contract solutions replace traditional CLM by adding AI analysis, benchmarking, and risk insights that speed reviews, reduce delays, and improve decisions...