Lucene search
K

3708 matches found

Qualys Blog
Qualys Blog
added 2026/05/06 4:0 p.m.9 views

Before the Breach, There Was a Test Environment

Key Takeaways Most security failures do not begin where they are discovered. By the time risk becomes visible in production, the decisions that created it are often already sitting in test environments. “Temporary” test infrastructure often becomes permanent, creating persistent misconfigurations...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/05 12:0 a.m.12 views

Root-Cause-Driven Automated Vulnerability Repair

Recent LLM-based systems have made automated vulnerability repair increasingly practical, but two challenges remain. First, without strong signals about where a bug originates, repair agents drift toward shallow edits that silence the observed failure while leaving the underlying defect unresolve...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/05 12:0 a.m.7 views

Generating Proof-Of-Vulnerability Tests to Help Enhance the Security of Complex Software

Developers create modern software applications Apps on top of third-party libraries Libs. When library vulnerabilities are reachable through application code, the applications can be vulnerable to software supply chain attacks. Prior work shows that developers often require concrete and executabl...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/04 12:0 a.m.8 views

Evaluating Retrieval-Augmented Generation for Explainable Malware Analysis

Large Language Models LLMs are increasingly being used as security engineering tools to summarize and explain malware behavior to analysts. A common assumption is that Retrieval-Augmented Generation RAG improves explanation quality by injecting external security knowledge. In this work, we...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.8 views

PT-2026-36424

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Handle DBC deactivation if the owner went away When a DBC is released, the device sends a QAIC TRANS DEACTIVATE FROM DEV transaction to the host over the QAIC CONTROL MHI channel. QAIC handles this by calling decode...

5.7AI score0.00129EPSS
Exploits0References6
Fedora
Fedora
added 2026/04/25 1:53 a.m.10 views

[SECURITY] Fedora 44 Update: mupdf-1.27.1-10.fc44

MuPDF is a lightweight PDF viewer and toolkit written in portable C. The renderer in MuPDF is tailored for high quality anti-aliased graphics. MuPDF renders text with metrics and spacing accurate to within fractions of a pixel for the highest fidelity in reproducing the look of a printed page on...

7.8CVSS5.7AI score0.00213EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/04/24 3:26 p.m.125 views

authorized-pentest

authorized-pentest A runbook-style Claude Code skill for runn...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/22 12:0 a.m.16 views

Text Steganography with Dynamic Codebook and Multimodal Large Language Model

With the popularity of the large language models LLMs, text steganography has achieved remarkable performance. However, existing methods still have some issues: 1 For the white-box paradigm, this steganography behavior is prone to exposure due to sharing the off-the-shelf language model between...

5.8AI score
Exploits0
NVD
NVD
added 2026/04/21 9:16 p.m.7 views

CVE-2026-34296

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain component: Product Quality Management. The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

4.3CVSS0.00225EPSS
Exploits0References1
HackRead
HackRead
added 2026/04/21 11:43 a.m.8 views

Threat Intel Scraping Without Burning Your Cover or Your Stack

Threat Intel Scraping sounds simple until it isn’t, here’s how cybersecurity teams avoid blocks, bad data, and unnecessary risk...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/21 12:0 a.m.37 views

Insights into Security-Related AI-Generated Pull Requests

Recent years have experienced growing contributions of AI coding agents that assist human developers in various software engineering tasks. However, this growing AI-assisted autonomy raises questions about security and trust. In this paper, we analyze more than 33,000 AI-generated pull requests P...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.13 views

Oracle Agile Product Lifecycle Management for Process 安全漏洞

Oracle Agile Product Lifecycle Management for Process is a product lifecycle management system designed for the process industry by Oracle Corporation. Version 6.2.4 of Oracle Agile Product Lifecycle Management for Process contains a security vulnerability. This vulnerability stems from issues wi...

4.3CVSS7.2AI score0.00225EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013103)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013103 advisory. In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix object lifecycle issue in updateqosrequest The cpufreqcpuput call in...

5.6AI score0.00175EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011346)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011346 advisory. In the Linux kernel, the following vulnerability has been resolved: block: don't allow the same type rqqos add more than once In our test of iocost, we encountered...

5.5CVSS6AI score0.00159EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2026/04/20 11:30 a.m.8 views

Why Most AI Deployments Stall After the Demo

The fastest way to fall in love with an AI tool is to watch the demo. Everything moves quickly. Prompts land cleanly. The system produces impressive outputs in seconds. It feels like the beginning of a new era for your team. But most AI initiatives don't fail because of bad technology. They stall...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/20 12:0 a.m.8 views

Towards Optimal Agentic Architectures for Offensive Security Tasks

Agentic security systems increasingly audit live targets with tool-using LLMs, but prior systems fix a single coordination topology, leaving unclear when additional agents help and when they only add cost. We treat topology choice as an empirical systems question. We introduce a controlled...

5.8AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 2026/04/14 5:0 p.m.14 views

2026-04 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 for x64 (KB5084069)

2026-04 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 for x64 KB5084069...

5.8AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 2026/04/14 5:0 p.m.31 views

2026-04 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 for x64 (KB5084070)

2026-04 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 for x64 KB5084070...

5.8AI score
Exploits0
Microsoft KB
Microsoft KB
added 2026/04/14 12:0 a.m.25 views

April 14, 2026-KB5084067 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2

April 14, 2026-KB5084067 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2 Revised April 22, 2026: Revised on April 22nd, 2026 to add the known issue section. Release Date: April 14, 2026 Version: .NET Framework 3.5, 4.8 and 4.8.1 Summary This article describes t...

7.5CVSS6.9AI score0.02279EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/14 12:0 a.m.10 views

LLM-Guided Prompt Evolution for Password Guessing

Passwords still remain a dominant authentication method, yet their security is routinely subverted by predictable user choices and large-scale credential leaks. Automated password guessing is a key tool for stress-testing password policies and modeling attacker behavior. This paper applies...

5.8AI score
Exploits0
Rows per page
Query Builder