RedEdit: Agentic Red-Teaming of Image Safety Classifiers Via MCTS-Guided Photo-Editing
Image safety classifiers serve as a critical component of contemporary content moderation systems on the internet. However, their resilience against user-style malicious image editing remains underexplored. Such behaviors are highly prevalent in daily scenarios but difficult to fully reproduce. T...
AEGIS: White-Box Attack Path Generation Using LLMs and Training Effectiveness Evaluation for Large-Scale Cyber Defence Exercises
Creating attack paths for cyber defence exercises requires substantial expert effort. Existing automation requires vulnerability graphs or exploit sets curated in advance, limiting where it can be applied. We present AEGIS, a system that generates attack paths using LLMs, white-box access, and...
Enhancing NTRUEncrypt Security Using Markov Chain Monte Carlo Methods: Theory and Practice
This paper presents a novel framework for enhancing the quantum resistance of NTRUEncrypt using Markov Chain Monte Carlo (MCMC) methods. We establish formal bounds on sampling efficiency and provide security reductions to lattice problems, bridging theoretical guarantees with practical...
Effect of Phase Shift Errors on the Security of UAV-Assisted STAR-RIS IoT Networks
Unmanned aerial vehicle (UAV)-mounted simultaneous transmitting and reflecting reconfigurable intelligent surface (STAR-RIS) systems can provide full-dimensional coverage and flexible deployment opportunities in future 6G-enabled IoT networks. However, practical imperfections such as jittering and...
Attack the Messages, Not the Agents: a Multi-Round Adaptive Stealthy Tampering Framework for LLM-MAS
Large language model-based multi-agent systems (LLM-MAS) effectively accomplish complex and dynamic tasks through inter-agent communication, but this reliance introduces substantial safety vulnerabilities. Existing attack methods targeting LLM-MAS either compromise agent internals or rely on direct...
Arbiter PUF: Uniqueness and Reliability Analysis Using Hybrid CMOS-Stanford Memristor Model
In an increasingly interconnected world, protecting electronic devices has grown more crucial because of the dangers of data extraction, reverse engineering, and hardware tampering. Producing chips in a third-party manufacturing company can let hackers change the design. As the Internet of Things...
AgentVigil: Generic Black-Box Red-Teaming for Indirect Prompt Injection against LLM Agents
The strong planning and reasoning capabilities of Large Language Models (LLMs) have fostered the development of agent-based systems capable of leveraging external tools and interacting with increasingly complex environments. However, these powerful features also introduce a critical security risk:...
ChainMarks: Securing DNN Watermark with Cryptographic Chain
With the widespread deployment of deep neural network (DNN) models, dynamic watermarking techniques are being used to protect the intellectual property of model owners. However, recent studies have shown that existing watermarking schemes are vulnerable to watermark removal and ambiguity attacks...
Fooling the Watchers: Breaking AIGC Detectors Via Semantic Prompt Attacks
The rise of text-to-image (T2I) models has enabled the synthesis of photorealistic human portraits, raising serious concerns about identity misuse and the robustness of AIGC detectors. In this work, we propose an automated adversarial prompt generation framework that leverages a grammar tree...
PT-2024-28277 · Open Robotics · Ros2 +1
Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions. Description: A use-after-free vulnerability was discovered in the nav2 amcl process of Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions. This issue i...
montecarmoshopping.com.br Cross Site Scripting vulnerability OBB-2529811
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
DecisionTools SharpGrid - ActiveX Control Remote Code Execution
Application: DecisionTools SharpGrid ActiveX Control Code Execution Vulnerability. Platforms: Windows. Secunia: SA48571. Date: 2012-05-09. Author: Francis Provencher, Protek Research Lab's. Website: http://www.protekresearchlab.com/ Twitte...