Constructing Multi-Label Hierarchical Classification Models for MITRE ATT&CK Text Tagging

MITRE ATT&CK is a cybersecurity knowledge base that organizes threat actor and cyber-attack information into a set of tactics describing the reasons and goals threat actors have for carrying out attacks, with each tactic having a set of techniques that describe the potential methods used in these...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001580)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001580 advisory. A flaw was found in the Routing decision classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004445)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004445 advisory. A flaw was found in the Routing decision classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004196)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004196 advisory. A flaw was found in the Routing decision classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification...

Malware Classification Using Diluted Convolutional Neural Network with Fast Gradient Sign Method

Android malware has become an increasingly critical threat to organizations, society and individuals, posing significant risks to privacy, data security and infrastructure. As malware continues to evolve in terms of complexity and sophistication, the mitigation and detection of these malicious...

A Decompilation-Driven Framework for Malware Detection with Large Language Models

The parallel evolution of Large Language Models LLMs with advanced code-understanding capabilities and the increasing sophistication of malware presents a new frontier for cybersecurity research. This paper evaluates the efficacy of state-of-the-art LLMs in classifying executable code as either...

CVE-2026-22606 Fickling has a bypass via runpy.run_path() and runpy.run_module()

Fickling is a Python pickling decompiler and static analyzer. Fickling versions up to and including 0.1.6 do not treat Python’s runpy module as unsafe. Because of this, a malicious pickle that uses runpy.runpath or runpy.runmodule is classified as SUSPICIOUS instead of OVERTLYMALICIOUS. If a user...

PT-2026-2227

Name of the Vulnerable Software and Affected Versions Fickling versions up to and including 0.1.6 Description Fickling, a Python pickling decompiler and static analyzer, incorrectly classifies pickles utilizing the cProfile.run function as SUSPICIOUS instead of OVERTLY MALICIOUS. This...

CVE-2021-22873

Revive Adserver before 5.1.0 is vulnerable to open redirects via the dest, oadest, and/or ct0 parameters of the lg.php and ck.php delivery scripts. Such open redirects had previously been available by design to allow third party ad servers to track such metrics when delivering ads. However, third...

Cyber Threat Detection and Vulnerability Assessment System Using Generative AI and Large Language Model

Background: Cyber-attacks have evolved rapidly in recent years, many individuals and business owners have been affected by cyber-attacks in various ways. Cyber-attacks include various threats such as ransomware, malware, phishing, and Denial of Service DoS-related attacks. Challenges: Traditional...

CVE-2024-2622

A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318. It has been classified as critical. This affects an unknown part of the file /api/client/editemedia.php. The manipulation of the argument number/enterpriseuuid leads to sql injection. It is...

Better Call Graphs: A New Dataset of Function Call Graphs for Malware Classification

Function call graphs FCGs have emerged as a powerful abstraction for malware detection, capturing the behavioral structure of applications beyond surface-level signatures. Their utility in traditional program analysis has been well established, enabling effective classification and analysis of...

MAD-OOD: A Deep Learning Cluster-Driven Framework for an Out-Of-Distribution Malware Detection and Classification

Out of distribution OOD detection remains a critical challenge in malware classification due to the substantial intra family variability introduced by polymorphic and metamorphic malware variants. Most existing deep learning based malware detectors rely on closed world assumptions and fail to...

Quantum Machine Learning for Cybersecurity: A Taxonomy and Future Directions

The increasing number of cyber threats and rapidly evolving tactics, as well as the high volume of data in recent years, have caused classical machine learning, rules, and signature-based defence strategies to fail, rendering them unable to keep up. An alternative, Quantum Machine Learning QML, h...

Hyperparameter Tuning-Based Optimized Performance Analysis of Machine Learning Algorithms for Network Intrusion Detection

Network Intrusion Detection Systems NIDS are essential for securing networks by identifying and mitigating unauthorized activities indicative of cyberattacks. As cyber threats grow increasingly sophisticated, NIDS must evolve to detect both emerging threats and deviations from normal behavior. Th...

Quantum-Augmented AI/ML for O-RAN: Hierarchical Threat Detection with Synergistic Intelligence and Interpretability (Technical Report)

Open Radio Access Networks O-RAN enhance modularity and telemetry granularity but also widen the cybersecurity attack surface across disaggregated control, user and management planes. We propose a hierarchical defense framework with three coordinated layers-anomaly detection, intrusion...

BEACON: A Unified Behavioral-Tactical Framework for Explainable Cybercrime Analysis with Large Language Models

Cybercrime increasingly exploits human cognitive biases in addition to technical vulnerabilities, yet most existing analytical frameworks focus primarily on operational aspects and overlook psychological manipulation. This paper proposes BEACON, a unified dual-dimension framework that integrates...

SUSE CVE-2025-40214

In the Linux kernel, the following vulnerability has been resolved: afunix: Initialise sccindex in unixaddedge. Quang Le reported that the AFUNIX GC could garbage-collect a receive queue of an alive in-flight socket, with a nice repro. The repro consists of three stages. 1 1-a. Create a single...

Beyond Detection: A Comprehensive Benchmark and Study on Representation Learning for Fine-Grained Webshell Family Classification

Malicious WebShells pose a significant and evolving threat by compromising critical digital infrastructures and endangering public services in sectors such as healthcare and finance. While the research community has made significant progress in WebShell detection i.e., distinguishing malicious...

Rethinking Cybersecurity Ontology Classification and Evaluation: Towards a Credibility-Centered Framework

This paper analyzes the proliferation of cybersecurity ontologies, arguing that this surge cannot be explained solely by technical shortcomings related to quality, but also by a credibility deficit - a lack of trust, endorsement, and adoption by users. This conclusion is based on our first...