Agent Security Is a Systems Problem

We take the position that agent security must be approached as a systems problem: the AI model powering the agent must be treated as an untrusted component, and security invariants must be enforced at the system level. Through this lens, efforts to increase model robustness the dominant viewpoint...

How Microsoft Defender protects high-value assets in real-world attack scenarios

In this article 1. Using asset context to strengthen detection 2. How high-value asset protection works 3. Real-world high-value asset protection scenarios 4. Protecting your HVAs 5. Learn more High-value assets including domain controllers, web servers, and identity infrastructure are frequent...

How Threat Intelligence Transforms Vulnerability Management

Your security team isn't just fixing technical flaws; they're protecting the business from tangible risks. The problem is, a list of thousands of CVEs doesn't communicate business impact very well. It’s just noise until you can connect a vulnerability to a potential outcome. Threat intelligence...

What Is Security Control Validation? A Practical Guide

A fully-stocked security arsenal can create a dangerous false sense of security. You might have the best technology on the market, but misconfigurations, policy gaps, or a lack of integration can leave you just as exposed as having no tools at all. Relying on a defense that only looks good on pap...

HSEC-2023-0001 Hash flooding vulnerability in aeson

Hash flooding vulnerability in aeson aeson was vulnerable to hash flooding a.k.a. hash DoS. The issue is a consequence of the HashMap implementation from unordered-containers. It results in a denial of service through CPU consumption. This technique has been used in real-world attacks against a...

Google's August Patch Fixes Two Qualcomm Vulnerabilities Exploited in the Wild

Google has released security updates to address multiple security flaws in Android, including fixes for two Qualcomm bugs that were flagged as actively exploited in the wild. The vulnerabilities include CVE-2025-21479 CVSS score: 8.6 and CVE-2025-27038 CVSS score: 7.5, both of which were disclose...

vulns

It is an offensive tool for Linux. The repository, 'vulns', contains a collection of vulnerabilities and attacks, including Slowloris, BEAST, CRIME, BREACH, TIME, Heartbleed, CCS Injection, Shellshock, Drupalgeddon, POODLE, goto fail, GHOST, FREAK, Superfish, Rowhammer, Logjam, Stagefright, VENOM...

Attacker'S Noise Can Manipulate Your Audio-Based LLM in the Real World

This paper investigates the real-world vulnerabilities of audio-based large language models ALLMs, such as Qwen2-Audio. We first demonstrate that an adversary can craft stealthy audio perturbations to manipulate ALLMs into exhibiting specific targeted behaviors, such as eliciting responses to...

AgentVigil: Generic Black-Box Red-Teaming for Indirect Prompt Injection against LLM Agents

The strong planning and reasoning capabilities of Large Language Models LLMs have fostered the development of agent-based systems capable of leveraging external tools and interacting with increasingly complex environments. However, these powerful features also introduce a critical security risk:...

PT-2025-21003

Name of the Vulnerable Software and Affected Versions Windows Common Log File System Driver affected versions not specified Description The issue is related to a use-after-free vulnerability in the Windows Common Log File System Driver, which allows an authorized attacker to elevate privileges...

PT-2025-21008 · Microsoft · Windows Common Log File System Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Common Log File System Driver affected versions not specified Description: The issue is related to improper input validation in the Windows Common Log File System Driver, which allows an authorized attacker to elevate privileges...

Threat Replay Testing: Turning Attackers into Pen Testers

API security is no longer just a concern; it’s a critical priority for businesses. With APIs serving as the backbone of modern applications, they’ve become a primary target for attackers. While automated security testing tools help detect vulnerabilities, their limitations leave organizations...

Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild

Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure ACI product has been exploited in the wild. The vulnerability, tracked as CVE-2023-45249 CVSS score: 9.8, concerns a case of remote code execution that stems from the use of defau...

Alert! Hackers Exploiting Critical Vulnerability in VMware's Aria Operations Networks

VMware has flagged that a recently patched critical command injection vulnerability in Aria Operations for Networks formerly vRealize Network Insight has come under active exploitation in the wild. The flaw, tracked as CVE-2023-20887, could allow a malicious actor with network access to the produ...

Nexus: A New Rising Android Banking Trojan Targeting 450 Financial Apps

An emerging Android banking trojan dubbed Nexus has already been adopted by several threat actors to target 450 financial applications and conduct fraud. "Nexus appears to be in its early stages of development," Italian cybersecurity firm Cleafy said in a report published this week. "Nexus provid...

What is an External Penetration Test?

A penetration test also known as a pentest is a security assessment that simulates the activities of real-world attackers to identify security holes in your IT systems or applications. The aim of the test is to understand what vulnerabilities you have, how they could be exploited, and what the...

New Amazon Ring Vulnerability Could Have Exposed All Your Camera Recordings

Retail giant Amazon patched a high-severity security issue in its Ring app for Android in May that could have enabled a rogue application installed on a user's device to access sensitive information and camera recordings. The Ring app for Android has over 10 million downloads and enables users to...

PT-2022-2444

Name of the Vulnerable Software and Affected Versions Sophos Firewall versions prior to v18.5 MR3 18.5.3 Sophos XG Firewall version 17.0.10 MR-10 Description An authentication bypass issue exists in the User Portal and Webadmin components of Sophos Firewall, potentially allowing a remote attacker...

Cisco Releases Patch for Critical Bug Affecting Unified CCMP and Unified CCDM

Cisco Systems has rolled out security updates for a critical security vulnerability affecting Unified Contact Center Management Portal Unified CCMP and Unified Contact Center Domain Manager Unified CCDM that could be exploited by a remote attacker to take control of an affected system. Tracked as...

BlackCat: A New Rust-based Ransomware Malware Spotted in the Wild

Details have emerged about what's the first Rust-language-based ransomware strain spotted in the wild that has already amassed "some victims from different countries" since its launch last month. The ransomware, dubbed BlackCat, was disclosed by MalwareHunterTeam. "Victims can pay with Bitcoin or...