
79241 matches found

Redos
added 2026/05/24 12:0 a.m., 5 views

ROS-20260524-73-0058

Vulnerability in golang-x-crypto related to the use of insufficiently randomized values. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

5.9 CVSS, 6.9 AI score, 0.02086 EPSS
Exploits: 0

GithubExploit
added 2026/05/16 12:37 p.m., 72 views

Exploit for Server-Side Request Forgery in Apache Axis

Axis1.4 CVE-2019-0227 Remote Command Execution Vulnerability E...

7.5 CVSS, 7.3 AI score, 0.89877 EPSS
Exploits: 7

Packet Storm News
added 2026/05/13 12:0 a.m., 31 views

ExploitBench: A Capability Ladder Benchmark for LLM Cybersecurity Agents

Exploitation is not a binary event. It is a ladder of acquiring progressive capabilities, from executing a single buggy line of code to taking full control of the target. However, existing LLM security benchmarks treat a crash as exploitation success. That single binary outcome collapses the hard...

6.4 AI score
Exploits: 0

OSV
added 2026/05/12 7:44 a.m., 2 views

MAL-2026-3666 Malicious code in 01-0redi7qgbz0uv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ceb633970757ab5d5ee0b64512c18d46be8402ac2169769101655a697ee5d6d the analysis found that this package has a garbage randomized name '01-0redi7qgbz0uv', empty description, placeholder test script, and an index.js th...

5.9 AI score
Exploits: 0, References: 1

ATTACKERKB
added 2026/05/08 3:5 p.m., 4 views

CVE-2026-41584

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and prior to zebra-chain version 6.0.2, Orchard transactions contain a rk field which is a randomized validating key and also an elliptic curve point. The Zcash specification allows the field to be the identity a "zero"...

9.2 CVSS, 5.7 AI score, 0.0006 EPSS
Exploits: 0, References: 2, Affected Software: 1

Packet Storm News
added 2026/04/22 12:0 a.m., 3 views

Towards Certified Malware Detection: Provable Guarantees against Evasion Attacks

Machine learning-based static malware detectors remain vulnerable to adversarial evasion techniques, such as metamorphic engine mutations. To address this vulnerability, we propose a certifiably robust malware detection framework based on randomized smoothing through feature ablation and targeted...

5.8 AI score
Exploits: 0

Talos Blog
added 2026/04/16 10:0 a.m., 3 views

PowMix botnet targets Czech workforce

Cisco Talos discovered an ongoing malicious campaign, operating since at least December 2025, affecting a broader workforce in the Czech Republic with a previously undocumented botnet we call "PowMix." PowMix employs randomized command-and-control (C2) beaconing intervals, rather than persistent...

6.5 AI score
Exploits: 0

Vulnrichment
added 2026/03/21 12:42 a.m., 4 views

CVE-2026-32053 OpenClaw < 2026.2.23 - Twilio Webhook Replay Bypass via Randomized Event ID Normalization

OpenClaw versions prior to 2026.2.23 contain a vulnerability in Twilio webhook event deduplication where normalized event IDs are randomized per parse, allowing replay events to bypass manager dedupe checks. Attackers can replay Twilio webhook events to trigger duplicate or stale call-state...

6.9 CVSS, 5.8 AI score, 0.00021 EPSS
Exploits: 0, References: 3

CVE
added 2026/03/21 12:42 a.m., 11 views

CVE-2026-32053

CVE-2026-32053 affects OpenClaw versions prior to 2026.2.23. The root cause is a flaw in Twilio webhook event deduplication, where normalized event IDs are randomized per parse, allowing replayed webhook events to bypass dedupe checks. This can cause duplicate or stale call-state transitions, lea...

6.9 CVSS, 5.8 AI score, 0.00021 EPSS
Exploits: 0, References: 3, Affected Software: 1

OSV
added 2026/03/03 7:16 p.m., 2 views

GHSA-VQX8-9XXW-F2M7 OpenClaw's voice-call Twilio webhook replay could bypass manager dedupe because normalized event IDs were randomized per parse

Impact Twilio webhook replay events could bypass voice-call manager dedupe because normalized event IDs were randomized per parse. A replayed event could be treated as new and trigger duplicate or stale call-state transitions. Affected Packages / Versions - Package: openclaw npm - Vulnerable...

6.9 CVSS, 5.9 AI score, 0.00021 EPSS
Exploits: 0, References: 5

Packet Storm News
added 2026/02/26 12:0 a.m., 2 views

RandSet: Randomized Corpus Reduction for Fuzzing Seed Scheduling

Seed explosion is a fundamental problem in fuzzing seed scheduling, where a fuzzer maintains a huge corpus and fails to choose promising seeds. Existing works focus on seed prioritization but still suffer from seed explosion since corpus size remains huge. We tackle this from a new perspective:...

5.9 AI score
Exploits: 0

Packet Storm News
added 2026/01/30 12:0 a.m., 4 views

RPP: A Certified Poisoned-Sample Detection Framework for Backdoor Attacks under Dataset Imbalance

Deep neural networks are highly susceptible to backdoor attacks, yet most defense methods to date rely on balanced data, overlooking the pervasive class imbalance in real-world scenarios that can amplify backdoor threats. This paper presents the first in-depth investigation of how the dataset...

5.3 AI score
Exploits: 0

Packet Storm News
added 2025/12/23 12:0 a.m., 3 views

SemCovert: Secure and Covert Video Transmission Via Deep Semantic-Level Hiding

Video semantic communication, praised for its transmission efficiency, still faces critical challenges related to privacy leakage. Traditional security techniques like steganography and encryption are challenging to apply since they are not inherently robust against semantic-level transformations...

6.9 AI score
Exploits: 0

CNNVD
added 2025/12/04 12:0 a.m., 2 views

WordPress plugin WebP Express information disclosure vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server. WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin WebP Express, which stem...

5.3 CVSS, 5.6 AI score, 0.0005 EPSS
Exploits: 0, References: 2

Packet Storm News
added 2025/11/17 12:0 a.m., 5 views

Randomized Controlled Trials for Phishing Triage Agent

Security operations centers (SOCs) face a persistent challenge: efficiently triaging a high volume of user-reported phishing emails while maintaining robust protection against threats. This paper presents the first randomized controlled trial (RCT) evaluating the impact of a domain-specific AI agent ...

6.8 AI score
Exploits: 0

Tenable Nessus
added 2025/11/16 12:0 a.m., 3 views

Fedora 43 : bind9-next (2025-b68f7f541d)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-b68f7f541d advisory. Update to 9.21.14 rhbz2394406 Security Fixes: - DNSSEC validation fails if matching but invalid DNSKEY is found. CVE-2025-8677 - Address various...

8.6 CVSS, 6.7 AI score, 0.00071 EPSS
Exploits: 1, References: 4

OSSF Malicious Packages
added 2025/11/13 3:23 a.m., 2 views

Malicious code in concurrently-grus-vuepress-zenith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7074c66c67ba8954226ffe4caea4be815b7cbdb15439e2f2e1a589d8eab0e173 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9 AI score
Exploits: 0

OSSF Malicious Packages
added 2025/11/13 3:23 a.m., 2 views

Malicious code in thread-daemon-try-omega-mock (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1e433f4a84e6efa7b11638b10854c927218008bde39976e0df1922164229fc2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9 AI score
Exploits: 0

OSSF Malicious Packages
added 2025/11/13 3:23 a.m., 3 views

Malicious code in middleware-mini-css-extract-plugin-ignite-json (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f3e82122591102f60da59a1022fd9f2b71682cbab9b037920a755ef505cc80d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9 AI score
Exploits: 0

OSSF Malicious Packages
added 2025/11/13 3:23 a.m., 3 views

Malicious code in uranology-less-markdown-pdf-eclipse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c7bd429984bdfad6fb783aa98cdd8ab753a86703687e1e723fc3a2e3aee022d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9 AI score
Exploits: 0