162 matches found
EUVD-2025-58063
Malicious code in objectivedingoz3n npm...
Toward Autonomous and Efficient Cybersecurity: A Multi-Objective AutoML-Based Intrusion Detection System
With increasingly sophisticated cybersecurity threats and rising demand for network automation, autonomous cybersecurity mechanisms are becoming critical for securing modern networks. The rapid expansion of Internet of Things (IoT) systems amplifies these challenges, as resource-constrained IoT...
learn_exploit_dev
This repository contains a...
EUVD-2007-2173
Malware in sbrugna...
EUVD-2018-2477
Malware in sbrugna...
EUVD-2008-4042
Malware in sbrugna...
EUVD-2022-5385
Malicious code in bioql PyPI...
SilentStriker: toward Stealthy Bit-Flip Attacks on Large Language Models
The rapid adoption of large language models (LLMs) in critical domains has spurred extensive research into their security issues. While input manipulation attacks (e.g., prompt injection) have been well studied, Bit-Flip Attacks (BFAs) -- which exploit hardware vulnerabilities to corrupt model paramete...
From Impact to Action: Turning BIA Insights Into Resilient Recovery
Modern businesses face a rapidly evolving and expanding threat landscape, but what does this mean for your business? It means a growing number of risks, along with an increase in their frequency, variety, complexity, severity, and potential business impact. The real question is, "How do you tackl...
Linux Distros Unpatched Vulnerability : CVE-2018-1000665
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dojo Dojo Objective Harness (DOH) version prior to version 1.14 contains a Cross Site Scripting (XSS) vulnerability in unit.html and...
Exploring the Secondary Risks of Large Language Models
Ensuring the safety and alignment of Large Language Models is a significant challenge with their growing integration into critical applications and societal functions. While prior research has primarily focused on jailbreak attacks, less attention has been given to non-adversarial failures that...
Adversarial Text Generation with Dynamic Contextual Perturbation
Adversarial attacks on Natural Language Processing (NLP) models expose vulnerabilities by introducing subtle perturbations to input text, often leading to misclassification while maintaining human readability. Existing methods typically focus on word-level or local text segment alterations,...
BadVLA: Towards Backdoor Attacks on Vision-Language-Action Models Via Objective-Decoupled Optimization
Vision-Language-Action (VLA) models have advanced robotic control by enabling end-to-end decision-making directly from multimodal inputs. However, their tightly coupled architectures expose novel security vulnerabilities. Unlike traditional adversarial perturbations, backdoor attacks represent a...
MorphMark: Flexible Adaptive Watermarking for Large Language Models
Watermarking by altering token sampling probabilities based on red-green list is a promising method for tracing the origin of text generated by large language models (LLMs). However, existing watermark methods often struggle with a fundamental dilemma: improving watermark effectiveness the...
Federated One-Shot Learning with Data Privacy and Objective-Hiding
Privacy in federated learning is crucial, encompassing two key aspects: safeguarding the privacy of clients' data and maintaining the privacy of the federator's objective from the clients. While the first aspect has been extensively studied, the second has received much less attention. We present...
FCGHunter: Towards Evaluating Robustness of Graph-Based Android Malware Detection
Graph-based detection methods leveraging Function Call Graphs (FCGs) have shown promise for Android malware detection (AMD) due to their semantic insights. However, the deployment of malware detectors in dynamic and hostile environments raises significant concerns about their robustness. While recent...
How to Build Your Autonomous SOC Strategy
Security leaders are in a tricky position trying to discern how much new AI-driven cybersecurity tools could actually benefit a security operations center (SOC). The hype about generative AI is still everywhere, but security teams have to live in reality. They face constantly incoming alerts from...
Security Bulletin: IBM Security Verify Governance - Containerized Identity Manager has multiple vulnerabilities
Summary Multiple security vulnerabilities have been addressed in the latest update to IBM Security Verify Governance - Containerized Identity Manager. Vulnerability Details CVEID:CVE-2018-6561 DESCRIPTION: Dojo Toolkit is vulnerable to cross-site scripting in dijit.Editor, caused by improper...
Exploit for Improper Authentication in Ivanti Connect_Secure
PoC exploit for CVE-2023-46805, an RCE vulnerability in Ivanti...
BlueNoroff Unleashes New macOS Malware ObjCShellz
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new macOS malware variant linked to the financially motivated BlueNoroff APT group, named "ObjCShellz," featuring remote shell capabilities and suspicious domain communication. The malware, written in...