MemMorph: Tool Hijacking in LLM Agents Via Memory Poisoning

LLM-driven agents are capable of selecting external tools to complete users' tasks. However, attackers could compromise such process, steering agents toward inappropriate/wrong tools and enabling malicious actions. Most existing attacks primarily manipulate the tool metadata, which is easily...

cve-researcher

cve-researcher AI-powered CVE research in your terminal —...

eip-mcp

Exploit Intel Platform MCP Server Package/command: eip-mcp...

Beyond Single Reports: Evaluating Automated ATT&CK Technique Extraction in Multi-Report Campaign Settings

Large-scale cyberattacks, referred to as campaigns, are documented across multiple CTI reports from diverse sources, with some providing a high-level overview of attack techniques and others providing technical details. Extracting attack techniques from reports is essential for organizations to...

Access Control Bypass

Overview @lobehub/chat is a Lobe Chat - an open-source, high-performance chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application. Affected versions of this package are...

EUVD-2025-36733

Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption...

Metasploit Wrap-Up 09/26/2025

New module content 2 Cron Persistence Author: h00die [email protected] Type: Exploit Pull request: 20508 contributed by h00die Path: multi/persistence/cron Description: Update cron persistence to use the new mixin. FreePBX ajax.php authenticated SQLi to RCE Authors: EchoSlow, Piotr...

KillChainGraph: ML Framework for Predicting and Mapping ATT&CK Techniques

The escalating complexity and volume of cyberattacks demand proactive detection strategies that go beyond traditional rule-based systems. This paper presents a phase-aware, multi-model machine learning framework that emulates adversarial behavior across the seven phases of the Cyber Kill Chain...

SynthCTI: LLM-Driven Synthetic CTI Generation to Enhance MITRE Technique Mapping

Cyber Threat Intelligence CTI mining involves extracting structured insights from unstructured threat data, enabling organizations to understand and respond to evolving adversarial behavior. A key task in CTI mining is mapping threat descriptions to MITRE ATT&CK techniques. However, this process...

Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft

Cybersecurity researchers are calling attention to a new type of credential phishing scheme that ensures that the stolen information is associated with valid online accounts. The technique has been codenamed precision-validating phishing by Cofense, which it said employs real-time email validatio...

ChatGPT macOS Flaw Could've Enabled Long-Term Spyware via Memory Function

A now-patched security vulnerability in OpenAI's ChatGPT app for macOS could have made it possible for attackers to plant long-term persistent spyware into the artificial intelligence AI tool's memory. The technique, dubbed SpAIware, could be abused to facilitate "continuous data exfiltration of...

New Attack Technique 'Sleepy Pickle' Targets Machine Learning Models

The security risks posed by the Pickle format have once again come to the fore with the discovery of a new "hybrid machine learning ML model exploitation technique" dubbed Sleepy Pickle. The attack method, per Trail of Bits, weaponizes the ubiquitous format used to package and distribute machine...

CATSploit - An Automated Penetration Testing Tool Using Cyber Attack Techniques Scoring

CATSploit is an automated penetration testing tool using Cyber Attack Techniques Scoring CATS method that can be used without pentester. Currently, pentesters implicitly made the selection of suitable attack techniques for target systems to be attacked. CATSploit uses system configuration...

K000137106: HTTP/2 vulnerability CVE-2023-44487

Security Advisory Description The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-44487 also known as HTTP/2 Rapid Reset Attack Impact BIG-IP and...

Defending new vectors: Threat actors attempt SQL Server to cloud lateral movement

Microsoft security researchers recently identified a campaign where attackers attempted to move laterally to a cloud environment through a SQL Server instance. This attack technique demonstrates an approach weve seen in other cloud services such as VMs and Kubernetes cluster, but not in SQL Serve...

copyparty 1.8.2 - Directory Traversal Vulnerability

Exploit Title: copyparty 1.8.2 - Directory Traversal Exploit Author: Vartamtzidis Theodoros @TheHackyDog Vendor Homepage: https://github.com/9001/copyparty/ Software Link: https://github.com/9001/copyparty/releases/tag/v1.8.2 Version: =1.8.2 Tested on: Debian Linux CVE : CVE-2023-37474 Descriptio...

Beyond File Search: A Novel Method

Beyond File Search: A Novel Method for Exploiting the "search-ms" URI Protocol Handler By Mathanraj Thangaraju and Sijo Jacob · July 26, 2023 Threat Summary In the ever-evolving landscape of cyber threats, malware authors continuously explore new avenues to exploit unsuspecting users. The Windows...

CVE-2023-29552: Abusing the SLP Protocol to Launch Massive DDoS Amplification Attacks

On April 25, 2023, researchers at Bitsight and Curesec jointly discovered a high-severity vulnerability — tracked as CVE-2023-29552 — in the Service Location Protocol SLP, a legacy Internet protocol. What is SLP protocol? Service Location Protocol SLP is a network protocol designed to simplify th...

Reflected XSS at search_query[] query string

Description Reflected XSS Cross-Site Scripting is a common web security vulnerability that can occur when a user inputs malicious Javascript syntax into the search field. The search function allows users to look for content on the website, and the search keywords are appended to the URL query...

Threatest - Threatest Is A Go Framework For End-To-End Testing Threat Detection Rules

Threatest is a Go framework for testing threat detection end-to-end. Threatest allows you to detonate an attack technique, and verify that the alert you expect was generated in your favorite security platform. Read the announcement blog post:...