21 matches found
sqli_exploit
S...
SoK: Security Evaluation of Wi-Fi CSI Biometrics: Attacks, Metrics, and Systemic Weaknesses
Wi-Fi Channel State Information CSI has been repeatedly proposed as a biometric modality, often with reports of high accuracy and operational feasibility. However, the field lacks a consolidated understanding of its security properties, adversarial resilience, and methodological consistency. This...
AgentCyTE: Leveraging Agentic AI to Generate Cybersecurity Training and Experimentation Scenarios
Designing realistic and adaptive networked threat scenarios remains a core challenge in cybersecurity research and training, still requiring substantial manual effort. While large language models LLMs show promise for automated synthesis, unconstrained generation often yields configurations that...
EUVD-2025-5089
Malicious code in bioql PyPI...
Malicious code in experimentation-paypal (npm)
The package experimentation-paypal was found to contain malicious code...
MAL-2025-20059 Malicious code in experimentation-paypal (npm)
The package experimentation-paypal was found to contain malicious code...
Perry: a High-Level Framework for Accelerating Cyber Deception Experimentation
Cyber deception aims to distract, delay, and detect network attackers with fake assets such as honeypots, decoy credentials, or decoy files. However, today, it is difficult for operators to experiment, explore, and evaluate deception approaches. Existing tools and platforms have non-portable and...
CVE-2025-27092 Path Traversal Vulnerability in GHOSTS Photo Retrieval Endpoint
GHOSTS is an open source user simulation framework for cyber experimentation, simulation, training, and exercise. A path traversal vulnerability was discovered in GHOSTS version 8.0.0.0 that allows an attacker to access files outside of the intended directory through the photo retrieval endpoint...
[SECURITY] Fedora 40 Update: bsh-2.1.0-12.fc40
BeanShell is a small, free, embeddable, Java source interpreter with object scripting language features, written in Java. BeanShell executes standard Java statements and expressions, in addition to obvious scripting commands and syntax. BeanShell supports scripted objects as simple method closure...
Open-Source LLMs
In February, Meta released its large language model: LLaMA. Unlike OpenAI and its ChatGPT, Meta didnt just give the world a chat window to play with. Instead, it released the code into the open-source community, and shortly thereafter the model itself was leaked. Researchers and programmers...
Using LLMs to Create Bioweapons
Im not sure there are good ways to build guardrails to prevent this sort of thing: There is growing concern regarding the potential misuse of molecular machine learning models for harmful purposes. Specifically, the dual-use application of models for predicting cytotoxicity18 to create new poison...
Malicious code in @btransport/react-experimentation (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 74b48dbec082140a90f119f78f38758566c47a14fa8f4295cb13a3f6b2a58131 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-154 Malicious code in @btransport/react-experimentation (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 74b48dbec082140a90f119f78f38758566c47a14fa8f4295cb13a3f6b2a58131 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in azure-arm-machinelearningexperimentation-samples-js-beta (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0134bbb1c3b162bd3ff1a31eb6f15b75ec14670f2808ebd5adcd62a2ae21d7c1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1251 Malicious code in azure-arm-machinelearningexperimentation-samples-ts-beta (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 28e960d07673497cdac69a46cac88d71047e5c8b724995837b47b34b8ccc828e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
CVE-2021-44228 Remote Command Execution PoC This repository a...
CyberBattleSim - An Experimentation And Research Platform To Investigate The Interaction Of Automated Agents In An Abstract Simulated Network Environments
CyberBattleSim is an experimentation research platform to investigate the interaction of automated agents operating in a simulated abstract enterprise network environment. The simulation provides a high-level abstraction of computer networks and cyber security concepts. Its Python-based Open AI G...
in catalyst-team/catalyst
Description Catalyst is a PyTorch framework for Deep Learning research and development. It focuses on reproducibility, rapid experimentation, and codebase reuse so you can create something new rather than write another regular train loop. This package was vulnerable to Arbitrary code execution vi...
Surveillance Kills Freedom By Killing Experimentation
When we're being watched, we conform. We don't speak freely or try new things. But social progress happens in the gap between what’s legal and what’s moral...
[SECURITY] Fedora 22 Update: jython-2.7-0.7.rc2.fc22
Jython is an implementation of the high-level, dynamic, object-oriented language Python seamlessly integrated with the Java platform. The predecessor to Jython, JPython, is certified as 100% Pure Java. Jython is freely available for both commercial and non-commercial use and is distributed with...