Relevance As a Vulnerability: How Web Retrieval Degrades Safety Alignment in LLM Agents

AI agents augment large language models with external tools such as web retrieval, enabling grounded and up-to-date responses. However, incorporating external content into the generation pipeline can weaken the safety alignment mechanisms that govern model outputs. Prior work shows that enabling...

manchurian-agent-poc

Manchurian Candidate Agent POC ⚠️ SECURITY RESEARCH — EDU...

EUVD-2025-178926

Malicious code in fermiparadox-redshift-rollup-plugin-phoebe npm...

The Trust Paradox in LLM-Based Multi-Agent Systems: When Collaboration Becomes a Security Vulnerability

Multi-agent systems powered by large language models are advancing rapidly, yet the tension between mutual trust and security remains underexplored. We introduce and empirically validate the Trust-Vulnerability Paradox TVP: increasing inter-agent trust to enhance coordination simultaneously expan...

EUVD-2024-46849

Malicious code in bioql PyPI...

EUVD-2023-28719

Malicious code in bioql PyPI...

Malicious code in fermiparadox-fornax-whitedwarf-fornax (npm)

The package fermiparadox-fornax-whitedwarf-fornax was found to contain malicious code...

ALPINE-CVE-2025-5994

A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet ECS. Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along with queries to...

Malicious code in paradox-pydevdeps (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ffb02e4aaa239e465a9365307dc9f04e5d881cc9f56bd34a1112ce87db7998bc Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...

Singularity Cipher: a Topology-Driven Cryptographic Scheme Based on Visual Paradox and Klein Bottle Illusions

This paper presents the Singularity Cipher, a novel cryptographic-steganographic framework that integrates topological transformations and visual paradoxes to achieve multidimensional security. Inspired by the non-orientable properties of the Klein bottle -- constructed from two Mobius strips --...

Position: Certified Robustness Does Not (Yet) Imply Model Security

While certified robustness is widely promoted as a solution to adversarial examples in Artificial Intelligence systems, significant challenges remain before these techniques can be meaningfully deployed in real-world applications. We identify critical gaps in current research, including the parad...

CVE-2024-5676

The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to Cross-Site Request Forgery CSRF attacks due to a lack of countermeasures and the use of the HTTP method GET to introduce changes in the system...

CVE-2023-24709

An issue found in Paradox Security Systems IPR512 allows attackers to cause a denial of service via the login.html and login.xml parameters...

Paradox Security Systems IPR512 Denial of Service

Paradox Security Systems IPR512 proof of concept denial of service script...

Paradox IP150 Internet Module 1.40.00 Cross Site Request Forgery

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Paradox IP150 Internet Module Cross-Site Request Forgery Link: https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240321-01ParadoxCrossSiteRequestForgery Vulnerability Overview The Paradox IP150 Internet Module in version 1.40.00 i...

CVE-2024-5676

The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to Cross-Site Request Forgery CSRF attacks due to a lack of countermeasures and the use of the HTTP method GET to introduce changes in the system...

CVE-2024-5676 Paradox IP150 Internet Module Cross-Site Request Forgery

The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to Cross-Site Request Forgery CSRF attacks due to a lack of countermeasures and the use of the HTTP method GET to introduce changes in the system...

CVE-2024-5676

CVE-2024-5676 affects the Paradox IP150 Internet Module, version 1.40.00. The issue is a Cross-Site Request Forgery (CSRF) vulnerability caused by a lack of countermeasures and the use of HTTP GET to introduce changes in the system. No exploitation details are provided in the supplied documents. ...

CVE-2024-5676 Paradox IP150 Internet Module Cross-Site Request Forgery

The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to Cross-Site Request Forgery CSRF attacks due to a lack of countermeasures and the use of the HTTP method GET to introduce changes in the system...

Paradox IP150 Cross-Site Request Forgery Vulnerability

Paradox IP150 is a communication module from Paradox USA that provides monitoring and management of Paradox devices over the web. The module provides a web interface to monitor and manage connected Paradox devices. A security vulnerability exists in Paradox IP150 version 1.40.00, which stems from...