[SECURITY] Fedora 42 Update: apptainer-1.5.0-1.fc42

Apptainer provides functionality to make portable containers that can be used across host environments...

AI-Driven Security Alert Screening and Alert Fatigue Mitigation in Security Operations Centers: A Comprehensive Survey

Security alert screening is the downstream task of filtering, prioritizing, correlating, and contextualizing alerts for analyst attention in Security Operations Centers. This survey reviews artificial-intelligence-driven alert screening and alert-fatigue mitigation from 2015 to 2026. We synthesiz...

CSTS: A Canonical Security Telemetry Substrate for AI-Native Cyber Detection

AI-driven cybersecurity systems often fail under cross-environment deployment due to fragmented, event-centric telemetry representations. We introduce the Canonical Security Telemetry Substrate CSTS, an entity-relational abstraction that enforces identity persistence, typed relationships, and...

Everyday tools, extraordinary crimes: the ransomware exfiltration playbook

Data exfiltration activity increasingly leverages legitimate native utilities, commonly deployed third-party tools, and cloud service clients, reducing the effectiveness of static indicators of compromise IOCs and tool-based blocking strategies. The Exfiltration Framework systematically normalize...

DREAM: Dynamic Red-Teaming across Environments for AI Models

Large Language Models LLMs are increasingly used in agentic systems, where their interactions with diverse tools and environments create complex, multi-stage safety challenges. However, existing benchmarks mostly rely on static, single-turn assessments that miss vulnerabilities from adaptive,...

Managed TLS under Migration: Authentication Authority across CDN and Hosting Transitions

Managed TLS has become a common approach for deploying HTTPS, with platforms generating and storing private keys and automating certificate issuance on behalf of domain operators. This model simplifies operational management but shifts control of authentication material from the domain owner to t...

EUVD-2025-177802

Malicious code in miranda-native-cross-env-oauth npm...

EUVD-2025-177949

Malicious code in markdown-pdf-jsonp-brane-cross-env npm...

EUVD-2025-178737

Malicious code in genomics-biohacking-xanadu-cross-env npm...

EUVD-2025-179495

Malicious code in cross-env-vega-native-blazar npm...

EUVD-2025-121547

Malicious code in superagent-cross-env-csv-nodemon npm...

EUVD-2025-112801

Malicious code in hermes-cross-env-quasar-duplex npm...

EUVD-2025-114859

Malicious code in cross-env-csv-sedna-bunyan npm...

EUVD-2025-115154

Malicious code in commitlint-blaze-rollup-cross-env npm...

EUVD-2025-116543

Malicious code in aquarius-webdriver-mocha-hyperion-cross-env npm...

EUVD-2025-116072

Malicious code in blaze-release-it-cross-env-yakutsk npm...

MAL-2025-143900 Malicious code in jekyll-dagda-google-cross-env (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51efc8bc5dda4bb97100bc40fad173c85b4a3de359dd0858a8644cfa6de99b24 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-111804

Malicious code in less-cross-env-enif-pm2 npm...

EUVD-2025-114860

Malicious code in cross-env-betelgeuse-pm2-mongoose npm...

Malicious code in unuk-schema-cross-env-browserify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a284a163b533011f80b6796a04ffc656782019c6c3bff8d63b9b8bf081c1baa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...