Benchmarking Security Risk Detection and Verification in Open Agentic Skill Ecosystems
Open agent platforms allow community contributors to publish reusable skills that agents can invoke at runtime. This extensibility also creates a supply-chain risk: malicious contributors can hide harmful behavior inside skills that appear benign under superficial inspection. However, existing...
Governing AI-Assisted Security Operations: A Design Science Framework for Operational Decision Support
Engineering managers increasingly must decide how to introduce generative artificial intelligence (AI), retrieval-augmented generation, and coding agents into high-risk operational functions without weakening accountability, privacy, cost discipline, or auditability. The central message of this stu...
GRC-demo-poc-oscal
GRC-OSCAL — continuous compliance, demonstrated A working pro...
All AI and Security Teams Need Transparent Data Pipelines
Transparent AI data pipelines help organizations verify sources, reduce errors, meet regulations, and build trust by making outputs auditable and reliable...
Recursive Language Models for Jailbreak Detection: A Procedural Defense for Tool-Augmented Agents
Jailbreak prompts are a practical and evolving threat to large language models (LLMs), particularly in agentic systems that execute tools over untrusted content. Many attacks exploit long-context hiding, semantic camouflage, and lightweight obfuscations that can evade single-pass guardrails. We...
SUSE SLES15 Security Update : cargo-auditable (SUSE-SU-2026:0514-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0514-1 advisory. Update to version 0.7.20. Security issues fixed: - CVE-2026-25727: parsing of user-provided input by the RFC 2822 date parser can lead to...
SUSE SLED15 / SLES15 Security Update : cargo-auditable (SUSE-SU-2026:0506-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0506-1 advisory. Update to version 0.7.20. Security issues fixed: - CVE-2026-25727: parsing of user-provided input by the RFC 2822 date...
SUSE SLES15 / openSUSE 15 Security Update : cargo-auditable (SUSE-SU-2026:0505-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0505-1 advisory. Update to version 0.7.20. Security issues fixed: - CVE-2026-25727: parsing of user-provided input by the RFC 2822 date parser...
SUSE-SU-2026:0514-1 Security update for cargo-auditable
This update for cargo-auditable fixes the following issues: Update to version 0.7.20. Security issues fixed: - CVE-2026-25727: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257906. Other updates and bugfixes: - Update to version 0.7.20: mention...
Security update for cargo-auditable
This update for cargo-auditable fixes the following issues: Update to version 0.7.20. Security issues fixed: CVE-2026-25727: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257906. Other updates and bugfixes: Update to version 0.7.20: mention cargo-dist...
Security update for cargo-auditable
This update for cargo-auditable fixes the following issues: Update to version 0.7.20. Security issues fixed: CVE-2026-25727: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257906. Other updates and bugfixes: Update to version 0.7.20: mention cargo-dist...
SUSE-SU-2026:0506-1 Security update for cargo-auditable
This update for cargo-auditable fixes the following issues: Update to version 0.7.20. Security issues fixed: - CVE-2026-25727: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257906. Other updates and bugfixes: - Update to version 0.7.20: mention...
Security update for cargo-auditable
This update for cargo-auditable fixes the following issues: Update to version 0.7.20. Security issues fixed: CVE-2026-25727: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257906. Other updates and bugfixes: Update to version 0.7.20: mention cargo-dist...
SUSE-SU-2026:0505-1 Security update for cargo-auditable
This update for cargo-auditable fixes the following issues: Update to version 0.7.20. Security issues fixed: - CVE-2026-25727: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257906. Other updates and bugfixes: - Update to version 0.7.20: mention...
cargo-auditable-0.7.2~0-2.1 on GA media (moderate)
cargo-auditable-0.7.20-2.1 on GA media Announcement ID: openSUSE-SU-2026:10184-1 Rating: moderate Cross-References: CVE-2026-25727 CVSS scores: CVE-2026-25727 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-25727 SUSE : 8.7...
OPENSUSE-SU-2026:10184-1 cargo-auditable-0.7.2~0-2.1 on GA media
These are all security issues fixed in the cargo-auditable-0.7.20-2.1 package on the GA media of openSUSE Tumbleweed...
Holmes: An Evidence-Grounded LLM Agent for Auditable DDoS Investigation in Cloud Networks
Cloud environments face frequent DDoS threats due to centralized resources and broad attack surfaces. Modern cloud-native DDoS attacks further evolve rapidly and often blend multi-vector strategies, creating an operational dilemma: defenders need wire-speed monitoring while also requiring...
Information-Dense Reasoning for Efficient and Auditable Security Alert Triage
Security Operations Centers face massive, heterogeneous alert streams under minute-level service windows, creating the Alert Triage Latency Paradox: verbose reasoning chains ensure accuracy and compliance but incur prohibitive latency and token costs, while minimal chains sacrifice transparency a...
The Road of Adaptive AI for Precision in Cybersecurity
Cybersecurity's evolving complexity presents unique challenges and opportunities for AI research and practice. This paper shares key lessons and insights from designing, building, and operating production-grade GenAI pipelines in cybersecurity, with a focus on the continual adaptation required to...
Charting the future of SOC: Human and AI collaboration for better security
Security operations centers are under pressure from unprecedented scale and complexity. Speed, precision, and consistency matter more than ever, and AI is everywhere—but hype alone doesn’t solve the challenge. This blog shares our journey and insights from building autonomous AI agents for MDR...