160 matches found
Do Skill Descriptions Tell the Truth? Detecting Undisclosed Security Behaviors in Code-Backed LLM Skills
Programmatic skills in LLM ecosystems consist of a natural-language description and executable implementation files. Users and LLMs rely on the description to understand the skill's scope. However, the implementation may perform security-relevant operations, such as credential access, network...
CVE-2025-52641
HCL AION is affected by a vulnerability where certain system behaviours may allow exploration of internal filesystem structures. Exposure of such information may provide insights into the underlying environment, which could potentially aid in further targeted actions or limited information...
FreeBSD security vulnerability
FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. There is a security vulnerability in FreeBSD, which stems from issues with hash calculations. This vulnerability may cause rules that use address-range syntax to be silently discarded, resulting in unexpected behaviors...
iccDEV numeric error vulnerability
iccDEV is an open-source color profile code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.6 contained a numerical error vulnerability. This vulnerability was caused by specially crafted TIFF inputs, which could lead to division-by-zero errors and trigger...
iccDEV security vulnerability
iccDEV is an open-source color profile code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.6 contained security vulnerabilities; these vulnerabilities were caused by specially crafted ICC profile files that could trigger undefined behaviors...
iccDEV security vulnerability
iccDEV is an open-source color profile code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.1 contained security vulnerabilities. These vulnerabilities were caused by null pointer dereferencing and undefined behaviors in CIccXmlArrayType, which...
RampoNN: A Reachability-Guided System Falsification for Efficient Cyber-Kinetic Vulnerability Detection
Detecting kinetic vulnerabilities in Cyber-Physical Systems (CPS), i.e., vulnerabilities in control code that can precipitate hazardous physical consequences, is a critical challenge. This task is complicated by the need to analyze the intricate coupling between complex software behavior and the system's...
EUVD-2024-18607
Malicious code in bioql PyPI...
EUVD-2024-18550
Malicious code in bioql PyPI...
IMDS Abused: Hunting Rare Behaviors to Uncover Exploits
When common processes start asking the wrong questions...
Rethinking Denial-Of-Service: a Conditional Taxonomy Unifying Availability and Sustainability Threats
This paper proposes a unified, condition-based framework for classifying both legacy and cloud-era denial-of-service (DoS) attacks. The framework comprises three interrelated models: a formal conditional tree taxonomy, a hierarchical lattice structure based on order theory, and a conceptual Venn...
Thwart Me If You Can: an Empirical Analysis of Android Platform Armoring against Stalkerware
Stalkerware is a serious threat to individuals' privacy that is receiving increased attention from the security and privacy research communities. Existing works have largely focused on studying leading stalkerware apps, dual-purpose apps, monetization of stalkerware, or the experience of survivor...
Red Teaming AI Red Teaming
Red teaming has evolved from its origins in military applications to become a widely adopted methodology in cybersecurity and AI. In this paper, we take a critical look at the practice of AI red teaming. We argue that despite its current popularity in AI governance, there exists a significant gap...
Hunting in the Dark: Metrics for Early Stage Traffic Discovery
Threat hunting is an operational security process where an expert analyzes traffic, applying knowledge and lightweight tools on unlabeled data in order to identify and classify previously unknown phenomena. In this paper, we examine threat hunting metrics and practice by studying the detection of...
Shill Bidding Prevention in Decentralized Auctions Using Smart Contracts
In online auctions, fraudulent behaviors such as shill bidding pose significant risks. This paper presents a conceptual framework that applies dynamic, behavior-based penalties to deter auction fraud using blockchain smart contracts. Unlike traditional post-auction detection methods, this approac...
ChatGPT o3 Resists Shutdown Despite Instructions, Study Claims
ChatGPT o3 resists shutdown despite explicit instructions, raising fresh concerns over AI safety, alignment, and reinforcement learning behaviors...
CVE-2024-20835
Improper access control vulnerability in CustomFrequencyManagerService prior to SMR Mar-2024 Release 1 allows local attackers to execute privileged behaviors...
CVE-2024-7595
The GRE and GRE6 protocols (RFC 2784) do not validate or verify the source of a network packet, allowing an attacker to spoof and route arbitrary traffic via an exposed network interface, which can lead to spoofing, access control bypass, and other unexpected network behaviors. This can be considered simil...
The many ways to obtain credentials in AWS
Dive into the complexities of AWS IAM credentials and uncover how defenders can stay ahead with in-depth knowledge of SDK behaviors and service-specific mechanisms...
CVE-2024-54135 Untrusted Deserialization in ClipBucket-v5 Version 2.0 to 5.5.1 Revision 199
ClipBucket V5 provides open source video hosting with PHP. ClipBucket-v5 Version 2.0 to Version 5.5.1 Revision 199 are vulnerable to a PHP deserialization vulnerability. The vulnerability exists in upload/photoupload.php within the decodekey function. User inputs were supplied to this function...