Making secret scanning more trustworthy: Reducing false positives at scale

Secret scanning plays a critical role in protecting developers and organizations. It helps catch exposed credentials early and prevents small mistakes from turning into real incidents. At GitHub's scale, even small inefficiencies create real friction. Too many false positives make alerts harder t...

Nuclei 3.9.0

Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates. It empowers you to design custom vulnerability detection scenarios that mimic real-world conditions, leading to zero false positives...

Runtime Skill Audit: Targeted Runtime Probing for Agent Skill Security

Agent skills let LLM agents reuse instructions, resources, tools, and workflows, but they also create a new place for malicious behavior to hide. A skill may look benign in its documentation or code while becoming harmful only when it is invoked with particular user requests, local assets,...

A Robust Framework for Sybil Attack Detection in Vehicular Ad Hoc Networks

Sybil attacks create an illusion of traffic congestion by utilizing fake identities, which undermines the reliable and safe operation of vehicular ad hoc networks VANETs. Existing detection mechanisms struggle to effectively handle Sybil attacks as they are i susceptible to high false positive...

Can Open-Source LLM Agents Replace Static Application Security Testing Tools? an Empirical Assessment

This paper explores the value of agentic AI tools for cybersecurity purposes. We evaluate the efficacy of a general-purpose GenAI Large Language Model- GenAI- based agent when powered by three different Ollama-hosted general-purpose open source models. We assess each agent's performance using...

Context-Based Adversarial Attacks on AI Code Generators: Vulnerability Analysis and Implications

AI-powered code generation systems have transformed software development but introduce critical inference-time security vulnerabilities. This research presents a systematic investigation of context-based adversarial attacks, where strategically crafted contextual inputs, including comments,...

UBUNTU-CVE-2026-46150

In the Linux kernel, the following vulnerability has been resolved: fanotify: fix false positive on permission events fsnotifygetmarksafe may return false for a mark on an unrelated group, which results in bypassing the permission check. Fix by skipping over detached marks that are not in the...

CVE-2026-46150

The CVE-2026-46150 issue affects the Linux kernel fanotify subsystem. It arises because fsnotify_get_mark_safe() may return false for a mark in an unrelated group, bypassing the permission check. The fix patches the logic to skip detached marks that are not in the current group, mitigating the by...

EUVD-2026-32777

In the Linux kernel, the following vulnerability has been resolved: fanotify: fix false positive on permission events fsnotifygetmarksafe may return false for a mark on an unrelated group, which results in bypassing the permission check. Fix by skipping over detached marks that are not in the...

CVE-2026-46150 fanotify: fix false positive on permission events

In the Linux kernel, the following vulnerability has been resolved: fanotify: fix false positive on permission events fsnotifygetmarksafe may return false for a mark on an unrelated group, which results in bypassing the permission check. Fix by skipping over detached marks that are not in the...

SUSE CVE-2026-45942

In the Linux kernel, the following vulnerability has been resolved: ext4: fix e4b bitmap inconsistency reports A bitmap inconsistency issue was observed during stress tests under mixed huge-page workloads. Ext4 reported multiple e4b bitmap check failures like: ext4mbcomplexscangroup:2508: group...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the function fsnotifygetmarksafe in fanotify. This function may return false positives for...

CVE-2026-45942

In the Linux kernel, the following vulnerability has been resolved: ext4: fix e4b bitmap inconsistency reports A bitmap inconsistency issue was observed during stress tests under mixed huge-page workloads. Ext4 reported multiple e4b bitmap check failures like: ext4mbcomplexscangroup:2508: group...

CVE-2026-45942

Summary of CVE-2026-45942 : A race condition in the Linux kernel ext4 bitmap handling enables inconsistent bitmap reporting due to concurrent page migration and bitmap modification in the load_buddy path. The root cause is that the fast load_buddy path only increments the folio refcount and can o...

PT-2026-43809

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the ext4 file system between page migration and bitmap modification during mixed huge-page workloads. The issue occurs because the fast path of the load buddy...

The Alert Firehose Finally Meets Its Match

Ask a cybersecurity pro about Network Detection and Response NDR and you might still hear "Noisy," "Too much data." But ask the teams running NDR that includes agentic AI capabilities and you'll hear they're actually using it to catch threats earlier, triage faster, and chase fewer false positive...

On Reliability of Efficient Membership Inference Vulnerability Evaluation

Membership inference attacks MIAs are popular methods for empirically assessing the leakage of sensitive information in the training data through models or statistics learned from the data. The MIA vulnerability is often evaluated through false positive rate FPR and true positive rate TPR of a...

Are Frontier LLMs Ready for Cybersecurity? Evidence for Vertical Foundation Models from Dual-Mode Vulnerability Benchmarks

We evaluate whether frontier LLMs are ready for cybersecurity through a dual-mode benchmark: white-box function-level vulnerability detection VulnLLM-R, across C/Java/Python and black-box web application security testing five production-style applications with 118 ground-truth vulnerabilities...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nfsd: fixed RELEASELOCKOWNER The test on socount in nfsd4releaselockowner is pointless and harmful. It’s recommended to revert to using checkforlocks, and change the code to avoid sleeping. First, the test is harmful because, as...

ADR: An Agentic Detection System for Enterprise Agentic AI Security

We present the Agentic AI Detection and Response ADR system, the first large-scale, production-proven enterprise framework for securing AI agents operating through the Model Context Protocol MCP. We identify three persistent challenges in this domain: 1 limited observability -- existing Endpoint...