269 matches found
wannacry-soc-lab
WannaCry SOC Investigation Lab Overview This project simu...
Evaluating and Combating the Impact of Concept Drift on the Performance of Machine Learning-Based Phishing Detection Systems
The expansion of the digital domain has resulted in a substantial increase in digital communication, with email emerging as one of the most prominent channels. The proliferation of email communication is apparent in both professional and personal contexts, thereby creating numerous vulnerabilitie...
When Discovery Outpaces Remediation: Modeling AI-Accelerated Vulnerability Discovery in Interconnected Systems
Advanced AI systems for code analysis, binary analysis, fuzzing orchestration, and penetration-test planningmay significantly increase the rate at which latent vulnerabilities are discovered. While improved discovery can benefit defenders, it can also overload remediation pipelines and accelerate...
Unveiling Privacy Risks in Multi-Modal Large Language Models: Task-Specific Vulnerabilities and Mitigation Challenges
Privacy risks in text-only Large Language Models LLMs are well studied, particularly their tendency to memorize and leak sensitive information. However, Multi-modal Large Language Models MLLMs, which process both text and images, introduce unique privacy challenges that remain underexplored...
Credential Disclosure in (EU) Digital Identity Wallets: Privacy Risks and Practical Mitigations
The European Union will introduce the EUDI Wallet by late 2026, which allows users to hold digital credentials i.e., representations of physical official identity documents on their devices. This will allow users to securely and privately disclose identity attributes to websites. Although such a...
Description-Code Inconsistency in Real-World MCP Servers: Measurement, Detection, and Security Implications
The Model Context Protocol MCP has emerged as a critical standard empowering Large Language Models LLMs to utilize external tools. In this ecosystem, LLMs rely on natural language descriptions provided by MCP servers to select and execute functions. This interaction implicitly assumes that tool...
Security Analysis of a Communication Protocol: MQTT
This paper analyzes the security of the Message Queuing Telemetry Transport MQTT protocol in the context of the Internet of Things IoT. The main objective consists of identifying vulnerabilities and proposing security improvements. Adopting a hybrid methodology, a theoretical review was combined...
Security Risks in Tool-Enabled AI Agents: A Systematic Analysis of Privileged Execution Environments
Tool-enabled AI agents are increasingly deployed in cloud-hosted environments and offered as services, where they perform side-effecting operations through privileged tools within execution environments. While such agents enable powerful automation, the security implications of hosting autonomous...
Memory Poisoning and Secure Multi-Agent Systems
Memory poisoning attacks for Agentic AI and multi-agent systems MAS have recently caught attention. It is partially due to the fact that Large Language Models LLMs facilitate the construction and deployment of agents. Different memory systems are being used nowadays in this context, including...
Threat modeling AI applications
Proactively identifying, assessing, and addressing risk in AI systems We cannot anticipate every misuse or emergent behavior in AI systems. We can , however, identify what can go wrong, assess how bad it could be, and design systems that help reduce the likelihood or impact of those failure modes...
Exploit for CVE-2026-24009
docling-core-CVE-2026-24009 T...
From Similarity to Vulnerability: Key Collision Attack on LLM Semantic Caching
Semantic caching has emerged as a pivotal technique for scaling LLM applications, widely adopted by major providers including AWS and Microsoft. By utilizing semantic embedding vectors as cache keys, this mechanism effectively minimizes latency and redundant computation for semantically similar...
Techniques of Modern Attacks
The techniques used in modern attacks have become an important factor for investigation. As we advance further into the digital age, cyber attackers are employing increasingly sophisticated and highly threatening methods. These attacks target not only organizations and governments but also extend...
Exploit for CVE-2025-6440
cara penggunaan 1. git clone https://git...
HSEC-2025-0005 cabal-install dependency confusion
cabal-install dependency confusion For cabal-install 3.4.0.0 and where multiple repositories are configured, the resolver picks the highest available version across all repositories. Where a package is only defined in a private repository, this behaviour leads to a dependency confusionblog supply...
Explaining Software Vulnerabilities with Large Language Models
The prevalence of security vulnerabilities has prompted companies to adopt static application security testing SAST tools for vulnerability detection. Nevertheless, these tools frequently exhibit usability limitations, as their generic warning messages do not sufficiently communicate important...
On the Dangers of Poisoned LLMs in Security Automation
This paper investigates some of the risks introduced by "LLM poisoning," the intentional or unintentional introduction of malicious or biased data during model training. We demonstrate how a seemingly improved LLM, fine-tuned on a limited dataset, can introduce significant bias, to the extent tha...
Quantifying Security for Networked Control Systems: A Review
Networked Control Systems NCSs are integral in critical infrastructures such as power grids, transportation networks, and production systems. Ensuring the resilient operation of these large-scale NCSs against cyber-attacks is crucial for societal well-being. Over the past two decades, extensive...
EUVD-2020-9020
Malware in sbrugna...
EUVD-2021-30694
Malicious code in bioql PyPI...