71 matches found
Keeping an Eye on LLM Unlearning: the Hidden Risk and Remedy
Although Large Language Models LLMs have demonstrated impressive capabilities across a wide range of tasks, growing concerns have emerged over the misuse of sensitive, copyrighted, or harmful data during training. To address these concerns, unlearning techniques have been developed to remove the...
CVE-2023-38831
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file such as an ordinary .JPG file and also a folder that has the same name as the benign file, and the...
CTRAP: Embedding Collapse Trap to Safeguard Large Language Models from Harmful Fine-Tuning
Fine-tuning-as-a-service, while commercially successful for Large Language Model LLM providers, exposes models to harmful fine-tuning attacks. As a widely explored defense paradigm against such attacks, unlearning attempts to remove malicious knowledge from LLMs, thereby essentially preventing th...
Silent Leaks: Implicit Knowledge Extraction Attack on RAG Systems through Benign Queries
Retrieval-Augmented Generation RAG systems enhance large language models LLMs by incorporating external knowledge bases, but they are vulnerable to privacy risks from data extraction attacks. Existing extraction methods typically rely on malicious inputs such as prompt injection or jailbreaking,...
Automated Alert Classification and Triage (AACT): an Intelligent System for the Prioritisation of Cybersecurity Alerts
Enterprise networks are growing ever larger with a rapidly expanding attack surface, increasing the volume of security alerts generated from security controls. Security Operations Centre SOC analysts triage these alerts to identify malicious activity, but they struggle with alert fatigue due to t...
Phishing URL Detection Using Bi-LSTM
Phishing attacks threaten online users, often leading to data breaches, financial losses, and identity theft. Traditional phishing detection systems struggle with high false positive rates and are usually limited by the types of attacks they can identify. This paper proposes a deep learning-based...
Zero Day Malware Detection with Alpha: Fast DBI with Transformer Models for Real World Application
The effectiveness of an AI model in accurately classifying novel malware hinges on the quality of the features it is trained on, which in turn depends on the effectiveness of the analysis tool used. Peekaboo, a Dynamic Binary Instrumentation DBI tool, defeats malware evasion techniques to capture...
MAL-2025-191797 Malicious code in multis (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d8dd7fcb7e4ce42262ad3ce89ed580a46e9a2f979c4e2c9db668fb374ae452b8 Infostealer with multiple possibilities, but not auto-activating on installation. There are already multiple attempts to publish it, with different...
kernel: bpf: Address KCSAN report on bpf_lru_list
A data race was found in the BPF LRU list implementation. Concurrent access to node-ref without proper memory barriers triggers KCSAN warnings, though the race is benign as the reference value does not need to be precise...
UNC4990 Leverage Hosting Platforms in USB Infection Chain
Summary: UNC4990, a financially motivated threat actor, has been observed targeting organizations in Italy by utilizing weaponized USB drives as an initial infection vector. Additionally, they are employing trusted websites such as Vimeo, GitHub, and Ars Technica to host encoded payloads disguise...
Exploit for Files or Directories Accessible to External Parties in Apache Struts
CVE-2023-50164 A scanning utility and PoC for CVE-2023-50164...
Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar
CVE-2023-38831 WinRAR RARLabs WinRAR before 6.23 allows att...
CVE-2023-26443
Full-text autocomplete search allows user-provided SQL syntax to be injected to SQL statements. With existing sanitization in place, this can be abused to trigger benign SQL Exceptions but could potentially be escalated to a malicious SQL injection vulnerability. We now properly encode single...
VulnCheck KEV: CVE-2023-38831
RARLAB WinRAR contains an unspecified vulnerability that allows an attacker to execute code when a user attempts to view a benign file within a ZIP archive...
CVE-2022-32275
Grafana 8.4.3 allows reading files via for example a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. /.. /.. /.. /.. /.. /.. /.. /etc/passwd URI. NOTE: the vendor's position is that there is no vulnerability; this request yields a benign error page, not /etc/passwd content...
CVE-2022-32275
Grafana 8.4.3 allows reading files via for example a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. /.. /.. /.. /.. /.. /.. /.. /etc/passwd URI. NOTE: the vendor's position is that there is no vulnerability; this request yields a benign error page, not /etc/passwd content...
Exploit for CVE-2022-30190
cve-2022-30190 Aka Follina = benig...
CVE-2021-32679
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.0.11, and 21.0.3, filenames where not escaped by default in controllers using DownloadResponse. When a user-supplied filename was passed unsanitized into a DownloadResponse, this could be used to...
Digging into HermeticWiper
Digging into HermeticWiper By Max Kersten · March 2, 2022 A special thanks to Marc Elias for his help during my analysis. Additionally, I’d like to commend all researchers who have publicly shared their initial findings to help incident response teams; I hope this deep dive contributes to a furth...
Digging into HermeticWiper
Digging into HermeticWiper By Max Kersten · March 2, 2022 A special thanks toMarc Elias for his help during my analysis. Additionally, I’d like to commend all researchers who have publicly shared their initial findings to help incident response teams; I hope this deep dive contributes to a furthe...