Between a Rock and a Hard Place: Exploiting Ethical Reasoning to Jailbreak LLMs

Large language models LLMs have undergone safety alignment efforts to mitigate harmful outputs. However, as LLMs become more sophisticated in reasoning, their intelligence may introduce new security risks. While traditional jailbreak attacks relied on singlestep attacks, multi-turn jailbreak...

Quantum AI Algorithm Development for Enhanced Cybersecurity: a Hybrid Approach to Malware Detection

This study explores the application of quantum machine learning QML algorithms to enhance cybersecurity threat detection, particularly in the classification of malware and intrusion detection within high-dimensional datasets. Classical machine learning approaches encounter limitations when dealin...

False Sense of Security: Why Probing-Based Malicious Input Detection Fails to Generalize

Large Language Models LLMs can comply with harmful instructions, raising serious safety concerns despite their impressive capabilities. Recent work has leveraged probing-based approaches to study the separability of malicious and benign inputs in LLMs' internal representations, and researchers ha...

E-PhishGen: Unlocking Novel Research in Phishing Email Detection

Every day, our inboxes are flooded with unsolicited emails, ranging between annoying spam to more subtle phishing scams. Unfortunately, despite abundant prior efforts proposing solutions achieving near-perfect accuracy, the reality is that countering malicious emails still remains an unsolved...

Linux Distros Unpatched Vulnerability : CVE-2020-17521

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was...

Linux Distros Unpatched Vulnerability : CVE-2021-3405

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml...

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in spring-security-core-6.4.5.jar

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of spring-security-core-6.4.5.jar Vulnerability Details CVEID:CVE-2025-41232 DESCRIPTION: Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass...

Security update for the Linux Kernel

This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later. Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE update use the SUSE...

Linux Distros Unpatched Vulnerability : CVE-2019-10913

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, HTTP Methods provided as verbs or using the overrid...

GHSA-VJ54-72F3-P5JV devalue prototype pollution vulnerability

devalue.parse allows proto to be set A string passed to devalue.parse could represent an object with a proto property, which would assign a prototype to an object while allowing properties to be overwritten: js class Vector constructorx, y this.x = x; this.y = y; get magnitude return this.x 2 +...

devalue prototype pollution vulnerability

devalue.parse allows proto to be set A string passed to devalue.parse could represent an object with a proto property, which would assign a prototype to an object while allowing properties to be overwritten: js class Vector constructorx, y this.x = x; this.y = y; get magnitude return this.x 2 +...

PT-2026-51385

Name of the Vulnerable Software and Affected Versions picklescan versions prior to 0.0.29 Description An issue exists where the software fails to detect malicious pickle files that utilize the get entity function within the idlelib.autocomplete.AutoComplete module in reduce methods. This allows...

Security update for pam

This update for pam fixes the following issues: Improve previous CVE-2024-10041 fix which led to CPU performance issues bsc1232234 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

Linux Distros Unpatched Vulnerability : CVE-2017-12870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SimpleSAMLphp 1.14.12 and earlier make it easier for man-in-the-middle attackers to obtain sensitive information by leveraging use of the aesEncrypt and...

A Guide to Stakeholder Analysis for Cybersecurity Researchers

Stakeholder-based ethics analysis is now a formal requirement for submissions to top cybersecurity research venues. This requirement reflects a growing consensus that cybersecurity researchers must go beyond providing capabilities to anticipating and mitigating the potential harms thereof. Howeve...

Linux Distros Unpatched Vulnerability : CVE-2021-41041

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw the exception captured during bytecode verification when verification is triggered by a...

Design and Implementation of a Controlled Ransomware Framework for Educational Purposes Using Flutter Cryptographic APIs on Desktop PCs and Android Devices

This study focuses on the creation and implementation of ransomware for educational purposes that leverages Python's native cryptographic APIs in a controlled environment. Additionally, an Android version of the framework is implemented using Flutter and Dart. For both versions, open-source...

Malicious code in payment-methods-component (npm)

The package payment-methods-component was found to contain malicious code...

MAL-2025-28943 Malicious code in payment-methods-component (npm)

The package payment-methods-component was found to contain malicious code...

Malicious code in bot-methods (npm)

The package bot-methods was found to contain malicious code...