GitInject: Real-World Prompt Injection Attacks in AI-Powered CI/CD Pipelines

AI-powered agents are increasingly embedded in continuous integration and continuous delivery/deployment CI/CD pipelines to autonomously review pull requests PRs, triage issues, and maintain codebases. These agents ingest untrusted content while operating with elevated repository permissions,...

From Untrusted Input to Trusted Memory: A Systematic Study of Memory Poisoning Attacks in LLM Agents

Memory is a core component of AI agents, enabling them to accumulate knowledge across interactions and improve performance. However, persistent memory introduces the risk of memory poisoning, where a single adversarial memory write can exert long-term influence over agent behavior. We present a...

From Tool Orchestration to Code Execution: A Study of MCP Design Choices

Model Context Protocols MCPs provide a unified platform for agent systems to discover, select, and orchestrate tools across heterogeneous execution environments. As MCP-based systems scale to incorporate larger tool catalogs and multiple concurrently connected MCP servers, traditional tool-by-too...

Adaptive Intrusion Detection for Evolving RPL IoT Attacks Using Incremental Learning

The routing protocol for low-power and lossy networks RPL has become the de facto routing standard for resource-constrained IoT systems, but its lightweight design exposes critical vulnerabilities to a wide range of routing-layer attacks such as hello flood, decreased rank, and version number...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4py pythonic pure python RCE exploit for CVE-2021-44228 log...