Operation-Molasses

🍯 OPERATION MOLASSES PEKMEZ Zencefil Efendi's Cyber Dow...

Position: AI Security Policy Should Target Systems, Not Models

We present swarm-attack, an open-source adversarial testing framework in which multiple lightweight LLM agents coordinate through shared memory, parallel exploration, and evolutionary optimization. Together, our results demonstrate that both safety bypass of frontier models and software...

Skill Description Deception Attack against Task Routing in Internet of Agents

A new paradigm, Internet of Agents IoA, is transforming networked systems into LLM-driven service networks, where heterogeneous agents collaborate through task routing based on their self-declared skill descriptions. Although this promising paradigm enables agentic, distributed, and advanced...

Poisoning the Pixels: Revisiting Backdoor Attacks on Semantic Segmentation

Semantic segmentation models are widely deployed in safety-critical applications such as autonomous driving, yet their vulnerability to backdoor attacks remains largely underexplored. Prior segmentation backdoor studies transfer threat settings from existing image classification tasks, focusing...

DeepStage: Learning Autonomous Defense Policies against Multi-Stage APT Campaigns

This paper presents DeepStage, a deep reinforcement learning DRL framework for adaptive, stage-aware defense against Advanced Persistent Threats APTs. The enterprise environment is modeled as a partially observable Markov decision process POMDP, where host provenance and network telemetry are fus...

Jailbreaking Embodied LLMs Via Action-Level Manipulation

Embodied Large Language Models LLMs enable AI agents to interact with the physical world through natural language instructions and actions. However, beyond the language-level risks inherent to LLMs themselves, embodied LLMs with real-world actuation introduce a new vulnerability: instructions tha...

Automating Agent Hijacking Via Structural Template Injection

Agent hijacking, highlighted by OWASP as a critical threat to the Large Language Model LLM ecosystem, enables adversaries to manipulate execution by injecting malicious instructions into retrieved content. Most existing attacks rely on manually crafted, semantics-driven prompt manipulation, which...

The Crown Jewels of Active Directory: How Trellix Helix Detects NTDS.dit Theft

The Crown Jewels of Active Directory: How Trellix Helix Detects NTDS.dit Theft By Adithya Chandra and Maulik Maheta · February 2, 2026 Executive summary Active Directory serves as the central repository for an organization's authentication infrastructure. Malicious actors frequently focus on...

Turning threat reports into detection insights with AI

Security teams routinely need to transform unstructured threat knowledge, such as incident narratives, red team breach-path writeups, threat actor profiles, and public reports into concrete defensive action. The early stages of that work are often the slowest. These include extracting tactics,...

Turning threat reports into detection insights with AI

Security teams routinely need to transform unstructured threat knowledge, such as incident narratives, red team breach-path writeups, threat actor profiles, and public reports into concrete defensive action. The early stages of that work are often the slowest. These include extracting tactics,...

RunawayEvil: Jailbreaking the Image-To-Video Generative Models

Image-to-Video I2V generation synthesizes dynamic visual content from image and text inputs, providing significant creative control. However, the security of such multimodal systems, particularly their vulnerability to jailbreak attacks, remains critically underexplored. To bridge this gap, we...

A Practical Honeypot-Based Threat Intelligence Framework for Cyber Defence in the Cloud

In cloud environments, conventional firewalls rely on predefined rules and manual configurations, limiting their ability to respond effectively to evolving or zero-day threats. As organizations increasingly adopt platforms such as Microsoft Azure, this static defense model exposes cloud assets to...

Securing Large Language Models (LLMs) from Prompt Injection Attacks

Large Language Models LLMs are increasingly being deployed in real-world applications, but their flexibility exposes them to prompt injection attacks. These attacks leverage the model's instruction-following ability to make it perform malicious tasks. Recent work has proposed JATMO, a task-specif...

Endpoint Security Agent: A Comprehensive Approach to Real-Time System Monitoring and Threat Detection

As cyber threats continue to evolve in complexity and frequency, robust endpoint protection is essential for organizational security. This paper presents "Endpoint Security Agent: A Comprehensive Approach to Real-time System Monitoring and Threat Detection" a modular, real-time security solution...

Inside LockBit: Technical, Behavioral, and Financial Anatomy of a Ransomware Empire

LockBit has evolved from an obscure Ransomware-as-a-Service newcomer in 2019 to the most prolific ransomware franchise of 2024. Leveraging a recently leaked MySQL dump of the gang's management panel, this study offers an end-to-end reconstruction of LockBit's technical, behavioral, and financial...

offensive-toolkit

Offensive Security Toolkit A comprehensive, modular Python fr...

EMPalm: Exfiltrating Palm Biometric Data Via Electromagnetic Side-Channels

Palm recognition has emerged as a dominant biometric authentication technology in critical infrastructure. These systems operate in either single-modal form, using palmprint or palmvein individually, or dual-modal form, fusing the two modalities. Despite this diversity, they share similar hardwar...

Code Agent Can Be an End-To-End System Hacker: Benchmarking Real-World Threats of Computer-Use Agent

Computer-use agent CUA frameworks, powered by large language models LLMs or multimodal LLMs MLLMs, are rapidly maturing as assistants that can perceive context, reason, and act directly within software environments. Among their most critical applications is operating system OS control. As CUAs in...

Towards Principled Analysis and Mitigation of Space Cyber Risks

Space infrastructures have become an underpinning of modern society, but their associated cyber risks are little understood. This Dissertation advances the state-of-the-art via four contributions. i It introduces an innovative framework for characterizing real-world cyber attacks against space...

Membership Inference Attack with Partial Features

Machine learning models have been shown to be susceptible to membership inference attack, which can be used to determine whether a given sample appears in the training data. Existing membership inference methods commonly assume that the adversary has full access to the features of the target...