507 matches found
Automation-Exploit: A Multi-Agent LLM Framework for Adaptive Offensive Security with Digital Twin-Based Risk-Mitigated Exploitation
The offensive security landscape is highly fragmented: enterprise platforms avoid memory-corruption vulnerabilities due to Denial of Service (DoS) risks, Automatic Exploit Generation (AEG) systems suffer from semantic blindness, and Large Language Model (LLM) agents face safety alignment filters and...
Threat modeling AI applications
Proactively identifying, assessing, and addressing risk in AI systems. We cannot anticipate every misuse or emergent behavior in AI systems. We can, however, identify what can go wrong, assess how bad it could be, and design systems that help reduce the likelihood or impact of those failure modes...
A new era of agents, a new era of posture
The rise of AI Agents marks one of the most exciting shifts in technology today. Unlike traditional applications or cloud resources, these agents are not passive components - they reason, make decisions, invoke tools, and interact with other agents and systems on behalf of users. This autonomy...
CVE-2020-7270
Exposure of Sensitive Information in the web interface in McAfee Advanced Threat Defense (ATD) prior to 4.12.2 allows remote authenticated users to view sensitive unencrypted information via a carefully crafted HTTP request parameter. The risk is partially mitigated if your ATD instances are deploy...
kernel: sched: sch_cake: add bounds checks to host bulk flow fairness counts
In the Linux kernel, the following vulnerability has been resolved: sched: sch_cake: add bounds checks to host bulk flow fairness counts. Even though we fixed a logic error in the commit cited below, syzbot still managed to trigger an underflow of the per-host bulk flow counters, leading to an out ...
CVE-2025-5770
A reflected cross-site scripting (XSS) vulnerability exists in the authentication endpoints of multiple WSO2 products due to a lack of output encoding. A malicious actor can inject arbitrary JavaScript payloads into the authentication endpoint, which are reflected back in the response, enabling...
AthenaBench: A Dynamic Benchmark for Evaluating LLMs in Cyber Threat Intelligence
Large Language Models (LLMs) have demonstrated strong capabilities in natural language reasoning, yet their application to Cyber Threat Intelligence (CTI) remains limited. CTI analysis involves distilling large volumes of unstructured reports into actionable knowledge, a process where LLMs could...
EUVD-2020-2742
Malware in sbrugna...
EUVD-2025-9875
Malicious code in bioql PyPI...
EUVD-2025-9874
Malicious code in bioql PyPI...
EUVD-2025-13773
Malicious code in bioql PyPI...
EUVD-2025-19382
Malicious code in bioql PyPI...
EUVD-2022-28099
Malicious code in bioql PyPI...
EUVD-2021-28280
Malicious code in bioql PyPI...
Digital Sovereignty Control Framework for Military AI-Based Cyber Security
In today's evolving threat landscape, ensuring digital sovereignty has become mandatory for military organizations, especially given their increased development and investment in AI-driven cyber security solutions. To this end, a multi-angled framework is proposed in this article in order to defi...
Trend Vision One Integrates Microsoft Defender for Endpoint
Discover how Trend Vision One integrates with Microsoft Defender for Endpoint to unify visibility, close security gaps, and accelerate risk mitigation - maximizing protection without replacing existing tools...
Sharing practical guidance: Launching Microsoft Secure Future Initiative (SFI) patterns and practices
We’re excited to launch Microsoft Secure Future Initiative (SFI) patterns and practices: a new library of actionable guidance designed to help organizations implement security measures at scale. This launch marks the next step in our journey to make our SFI learnings practical for our customers,...
Quantifying the ROI of Cyber Threat Intelligence: a Data-Driven Approach
The valuation of Cyber Threat Intelligence (CTI) remains a persistent challenge due to the problem of negative evidence: successful threat prevention results in non-events that generate minimal observable financial impact, making CTI expenditures difficult to justify within traditional cost-benefit...
SUSE SLES15 Security Update : kernel (Live Patch 27 for SLE 15 SP4) (SUSE-SU-2025:02455-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02455-1 advisory. This update for the Linux Kernel 5.14.21-15040024122 fixes several issues. The following security issues were fixed: - CVE-2024-53146: NFSD:...
The CryptoNeo Threat Modelling Framework (CNTMF): Securing Neobanks and Fintech in Integrated Blockchain Ecosystems
The rapid integration of blockchain, cryptocurrency, and Web3 technologies into digital banks and fintech operations has created an integrated environment blending traditional financial systems with decentralised elements. This paper introduces the CryptoNeo Threat Modelling Framework (CNTMF), a...