84 matches found
Malicious Package
Overview: Sicoob-Cooperativa.Sicoob.SpbTransferencias is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that...
Improper Input Validation
mppx is vulnerable to improper input validation. The vulnerability is due to improper validation in the cooperative close handler, where the close voucher amount was checked using “” instead of “=” against the on-chain settled amount, which allows an attacker to submit a close voucher equal to th...
Human Trust of AI Agents
Interesting research: "Humans expect rationality and cooperation from LLM opponents in strategic games." Abstract: As Large Language Models (LLMs) integrate into our social and economic interactions, we need to deepen our understanding of how humans respond to LLMs opponents in strategic settings. ...
CoopGuard: Stateful Cooperative Agents Safeguarding LLMs against Evolving Multi-Round Attacks
As Large Language Models (LLMs) are increasingly deployed in complex applications, their vulnerability to adversarial attacks raises urgent safety concerns, especially those evolving over multi-round interactions. Existing defenses are largely reactive and struggle to adapt as adversaries refine...
mppx: Tempo has a session close voucher bypass vulnerability due to settled amount equality
Impact The tempo/session cooperative close handler validated the close voucher amount using instead of = against the on-chain settled amount. An attacker could submit a close voucher exactly equal to the settled amount, which would be accepted without committing any new funds, effectively closing...
PT-2026-28607
mppx is a TypeScript interface for machine payments protocol. Prior to version 0.4.11, the tempo/session cooperative close handler validated the close voucher amount using "" instead of "=" against the on-chain settled amount. An attacker could submit a close voucher exactly equal to the settled...
Secure and Energy-Efficient Wireless Agentic AI Networks
In this paper, we introduce a secure wireless agentic AI network comprising one supervisor AI agent and multiple other AI agents to provision quality of service (QoS) for users' reasoning tasks while ensuring confidentiality of private knowledge and reasoning outcomes. Specifically, the supervisor ...
A Defender-Attacker-Defender Model for Optimizing the Resilience of Hospital Networks to Cyberattacks
Considering the increasing frequency of cyberattacks affecting multiple hospitals simultaneously, improving resilience at a network level is essential. Various countermeasures exist to improve resilience against cyberattacks, such as deploying controls that strengthen IT infrastructures to limit...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004433)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004433 advisory. fpregs_state_valid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of...
HoneyTrap: Deceiving Large Language Model Attackers to Honeypot Traps with Resilient Multi-Agent Defense
Jailbreak attacks pose significant threats to large language models (LLMs), enabling attackers to bypass safeguards. However, existing reactive defense approaches struggle to keep up with the rapidly evolving multi-turn jailbreaks, where attackers continuously deepen their attacks to exploit...
Secure Over-The-Air Computation against Multiple Eavesdroppers Using Correlated Artificial Noise
In the era of the Internet of Things and massive connectivity, many engineering applications, such as sensor fusion and federated edge learning, rely on efficient data aggregation from geographically distributed users over wireless networks. Over-the-air computation shows promising potential for...
EUVD-2025-100219
Malicious code in cooperative_earthworm_z3n (npm)...
EUVD-2025-100217
Malicious code in cooperative_stoat_z3n (npm)...
Malicious code in cooperative_stoat_z3n (npm)
Source: amazon-inspector c5d26c3b78cee785438767b08229674ef9393217059cc5753adbeaca25c97bb0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cooperative_earthworm_z3n (npm)
Source: amazon-inspector 11b499a902dff4b9b4d159e53e98ce922ba5c984a2b193b3c27f366158ce3249 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-125625 Malicious code in cooperative_earthworm_z3n (npm)
Source: amazon-inspector 11b499a902dff4b9b4d159e53e98ce922ba5c984a2b193b3c27f366158ce3249 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-125626 Malicious code in cooperative_stoat_z3n (npm)
Source: amazon-inspector c5d26c3b78cee785438767b08229674ef9393217059cc5753adbeaca25c97bb0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cooperative_coyote_z3n (npm)
Source: amazon-inspector eff15aaf9a7cea2f7ec1f47d0b236758777907511b193860c3cec8e4c948746f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-77219
Malicious code in cooperativestarfish-appteadev npm...
EUVD-2025-77221
Malicious code in cooperativecougar-tool npm...