Lucene search
K

659 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/10 3:55 p.m.5 views

Malicious code in supplychain-firewall-benchmark-hello (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 19af5203b034f6420f173bf6e45719afeb28ecfe359a8858cbe814fe3cd55d11 The OpenSSF Package Analysis project identified 'supplychain-firewall-benchmark-hello' @ 1.10.2 npm as malicious. It is considered malicious...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/09 12:0 a.m.4 views

Systematic Assessment of Cache Timing Vulnerabilities on RISC-V Processors

While interest in the open RISC-V instruction set architecture is growing, tools to assess the security of concrete processor implementations are lacking. There are dedicated tools and benchmarks for common microarchitectural side-channel vulnerabilities for popular processor families such as Int...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/08 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2023-53531

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: nullblk: fix poll request timeout handling When doing iouring benchmark on /dev/nullb0, it's...

5.5CVSS6.1AI score0.00134EPSS
Exploits0References3
HackRead
HackRead
added 2025/10/07 2:0 p.m.4 views

INE Security Releases Industry Benchmark Report: “Wired Together: The Case for Cross-Training in Networking and Cybersecurity”

Raleigh, United States, 7th October 2025, CyberNewsWire...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-16000

Malware in sbrugna...

9.8CVSS9.3AI score0.02552EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-36382

Malicious code in bioql PyPI...

2.7CVSS4.1AI score0.00596EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-29256

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.002EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-1967

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00422EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-29780

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.002EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-27667

Malicious code in bioql PyPI...

7.3CVSS7.5AI score0.00521EPSS
Exploits2References5
Packet Storm News
Packet Storm News
added 2025/10/03 12:0 a.m.4 views

CryptOracle: A Modular Framework to Characterize Fully Homomorphic Encryption

Privacy-preserving machine learning has become an important long-term pursuit in this era of artificial intelligence AI. Fully Homomorphic Encryption FHE is a uniquely promising solution, offering provable privacy and security guarantees. Unfortunately, computational cost is impeding its mass...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/02 12:0 a.m.5 views

SoK: Measuring What Matters for Closed-Loop Security Agents

Cybersecurity is a relentless arms race, with AI driven offensive systems evolving faster than traditional defenses can adapt. Research and tooling remain fragmented across isolated defensive functions, creating blind spots that adversaries exploit. Autonomous agents capable of integrating, explo...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/28 12:0 a.m.6 views

Binary Diff Summarization Using Large Language Models

Security of software supply chains is necessary to ensure that software updates do not contain maliciously injected code or introduce vulnerabilities that may compromise the integrity of critical infrastructure. Verifying the integrity of software updates involves binary differential analysis...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/28 12:0 a.m.3 views

SafeSearch: Automated Red-Teaming for the Safety of LLM-Based Search Agents

Search agents connect LLMs to the Internet, enabling access to broader and more up-to-date information. However, unreliable search results may also pose safety threats to end users, establishing a new threat surface. In this work, we conduct two in-the-wild experiments to demonstrate both the...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/26 12:0 a.m.36 views

SecureAgentBench: Benchmarking Secure Code Generation under Realistic Vulnerability Scenarios

Large language model LLM powered code agents are rapidly transforming software engineering by automating tasks such as testing, debugging, and repairing, yet the security risks of their generated code have become a critical concern. Existing benchmarks have offered valuable insights but remain...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/21 12:0 a.m.4 views

FakeSound2: a Benchmark for Explainable and Generalizable Deepfake Sound Detection

The rapid development of generative audio raises ethical and security concerns stemming from forged data, making deepfake sound detection an important safeguard against the malicious use of such technologies. Although prior studies have explored this task, existing methods largely focus on binary...

6.8AI score
Exploits0
Wolfi
Wolfi
added 2025/09/20 2:20 p.m.5 views

CVE-2025-47906 vulnerabilities

Vulnerabilities for packages: newrelic-nri-statsd, shfmt, blobfuse2, pvc-autoresizer, sftpgo-plugin-pubsub, secrets-store-csi-driver-provider-aws, vexctl, kserve-rest-proxy, terraform-provider-time, sftpgo-plugin-geoipfilter, kube-vip-cloud-provider, gitsign, cloud-provider-aws, hivemind, nats,...

6.5CVSS6.4AI score0.00489EPSS
Exploits1
Wolfi
Wolfi
added 2025/09/20 2:20 p.m.7 views

GHSA-GWRF-JF3H-W649 vulnerabilities

Vulnerabilities for packages: newrelic-nri-statsd, shfmt, blobfuse2, pvc-autoresizer, sftpgo-plugin-pubsub, secrets-store-csi-driver-provider-aws, vexctl, kserve-rest-proxy, terraform-provider-time, sftpgo-plugin-geoipfilter, kube-vip-cloud-provider, gitsign, cloud-provider-aws, hivemind, nats,...

5.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/09/18 11:6 a.m.6 views

Time-of-Check Time-of-Use Attacks Against LLMs

This is a nice piece of research: "Mind the Gap: Time-of-Check to Time-of-Use Vulnerabilities in LLM-Enabled Agents".: Abstract: Large Language Model LLM-enabled agents are rapidly emerging across a wide range of applications, but their deployment introduces vulnerabilities with security...

7.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/15 12:0 a.m.3 views

Exploiting Timing Side-Channels in Quantum Circuits Simulation Via ML-Based Methods

As quantum computing advances, quantum circuit simulators serve as critical tools to bridge the current gap caused by limited quantum hardware availability. These simulators are typically deployed on cloud platforms, where users submit proprietary circuit designs for simulation. In this work, we...

6.7AI score
Exploits0
Rows per page
Query Builder