OrgForge-IT: A Verifiable Synthetic Benchmark for LLM-Based Insider Threat Detection

Synthetic insider threat benchmarks face a consistency problem: corpora generated without an external factual constraint cannot rule out cross-artifact contradictions. The CERT dataset -- the field's canonical benchmark -- is also static, lacks cross-surface correlation scenarios, and predates th...

VoiceSHIELD-Small: Real-Time Malicious Speech Detection and Transcription

Voice interfaces are quickly becoming a common way for people to interact with AI systems. This also brings new security risks, such as prompt injection, social engineering, and harmful voice commands. Traditional security methods rely on converting speech to text and then filtering that text,...

security-research

Security Research This project hosts security advisories and...

[SECURITY] Fedora 42 Update: uriparser-1.0.0-1.fc42

Uriparser is a strictly RFC 3986 compliant URI parsing library written in C. uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license...

appsec-sentinel

AppSec-Sentinel AI-powered security scanner with cross-file...

security-research

Security Research This project hosts security advisories and...

sinatra

This is the official repository for the Sinatra web framework. It is a DSL Domain Specific Language for web development, allowing developers to create web applications in a concise and elegant way. The repository contains the core code for Sinatra, as well as various plugins and extensions. The...

security-research

Security Research This project hosts security advisories and...

Debian: Security Advisory (DSA-5936-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploit for Unrestricted Upload of File with Dangerous Type in Sap Netweaver

CVE-2025-31324 Zero-Day SAP Vulnerability & Compromise Assessm...

vulhub

This is a collection of vulnerable web applications and tools for testing and learning about web application security. The repository contains a variety of applications, including CouchDB, FFmpeg, Git, and Jenkins, each with its own set of vulnerabilities. The applications are designed to be used...

vulhub

This is an open-source collection of vulnerable web applications and environments for security research and training. It is a repository of vulnerable systems, including web applications, databases, and other software, designed to help security professionals and researchers practice and improve...

vulhub

This repository is an open-source collection of vulnerable web applications and tools for security training and research. It is maintained by phith0n and hosted on GitHub. The repository contains a variety of vulnerable applications, including web servers, databases, and other systems, to help...

vulhub111

This repository is an offensive tool for vulnerability research and exploitation. It contains a collection of vulnerable environments and exploits for various software and frameworks, including CouchDB, FFmpeg, Git, and more. The repository is maintained by Vulhub, a community-driven project for...

Exploit for SQL Injection in Zabbix

This repository is an offensive tool for vulnerability research and exploitation. It contains various tools and exploits for testing and demonstrating vulnerabilities in different software and systems. The primary purpose of this repository is to provide a platform for researchers and security...

vulhub

This is an open-source collection of vulnerable web applications and environments for testing and learning about web application security. It is a project maintained by phith0n and hosted on GitHub. The repository contains a variety of applications and environments, including CouchDB, FFmpeg, Git...

vulhub

This is a pre-built vulnerable environment based on Docker-Compose, maintained by Vulhub. The repository contains various vulnerable environments, including CouchDB, FFmpeg, Git, InfluxDB, and more. The environments are designed to be easily reproducible and can be used for testing and training...

Announcing the Fuzzilli Research Grant Program

Posted by Samuel Groß, Project Zero Project Zero’s mission is to make 0-day hard in order to improve end-user security. We attack this problem in different ways, including supporting other security researchers. While Google currently offers research grants, they are limited to academics and those...

vulhub

This repository is an open-source collection of vulnerable web applications and environments for security testing and education, maintained by vulhub. It is a defensive blue-team research and threat mitigation tool. The repository contains a variety of vulnerable web applications and environments...

File upload vulnerability in phpok

PHPOK system is a content management system for website construction developed by Shenzhen KunHuo Technology Co., Ltd formerly known as PHPOK Studio, written in PHP, using MySQL database storage by default, based on the LGPL open source license released to the Internet for shared use. A file uplo...