ContraFix: Agentic Vulnerability Repair Via Differential Runtime Evidence and Skill Reuse

Large language model LLM agents are increasingly used for automated vulnerability repair AVR, where repository-level reasoning enables them to inspect context and produce source-code patches. However, recent empirical results show that these agents still struggle with real-world vulnerabilities...

ARGUS: Defending LLM Agents against Context-Aware Prompt Injection

The rise of Large Language Model LLM agents, augmented with tool use, skills, and external knowledge, has introduced new security risks. Among them, prompt injection attacks, where adversaries embed malicious instructions into the agent workflow, have emerged as the primary threat. However,...

Skill-Inject: Measuring Agent Vulnerability to Skill File Attacks

LLM agents are evolving rapidly, powered by code execution, tools, and the recently introduced agent skills feature. Skills allow users to extend LLM applications with specialized third-party code, knowledge, and instructions. Although this can extend agent capabilities to new domains, it creates...

Benchmarking Large Language Models for Zero-Shot and Few-Shot Phishing URL Detection

The Uniform Resource Locator URL, introduced in a connectivity-first era to define access and locate resources, remains historically limited, lacking future-proof mechanisms for security, trust, or resilience against fraud and abuse, despite the introduction of reactive protections like HTTPS...

Can MLLMs Detect Phishing? A Comprehensive Security Benchmark Suite Focusing on Dynamic Threats and Multimodal Evaluation in Academic Environments

The rapid proliferation of Multimodal Large Language Models MLLMs has introduced unprecedented security challenges, particularly in phishing detection within academic environments. Academic institutions and researchers are high-value targets, facing dynamic, multilingual, and context-dependent...

MCPSecBench: a Systematic Security Benchmark and Playground for Testing Model Context Protocols

Large Language Models LLMs are increasingly integrated into real-world applications via the Model Context Protocol MCP, a universal, open standard for connecting AI agents with data sources and external tools. While MCP enhances the capabilities of LLM-based agents, it also introduces new securit...

RAS-Eval: a Comprehensive Benchmark for Security Evaluation of LLM Agents in Real-World Environments

The rapid deployment of Large language model LLM agents in critical domains like healthcare and finance necessitates robust security frameworks. To address the absence of standardized evaluation benchmarks for these agents in dynamic environments, we introduce RAS-Eval, a comprehensive security...

LLMs Caught in the Crossfire: Malware Requests and Jailbreak Challenges

The widespread adoption of Large Language Models LLMs has heightened concerns about their security, particularly their vulnerability to jailbreak attacks that leverage crafted prompts to generate malicious outputs. While prior research has been conducted on general security capabilities of LLMs,...

Disable IP Forwarding

If a node does not function as a gateway server, disable the IP forwarding function. Otherwise, attackers can use the node as a router. In the container scenario, if network packets need to be forwarded through the host, IP forwarding is allowed. SPDX-FileCopyrightText: 2025 Greenbone AG Some tex...

Configure the dmesg Access Permission Properly

The permission to access dmesg information is restricted. Unprivileged users cannot view system information. This prevents any one from obtaining sensitive information and attacking the system. Only processes with the CAPSYSLOG capability are allowed to access kernel logs. In this way, the least...

Do Not Use X11 Forwarding

The X11 forwarding function of SSH allows the GUI program of the remote host to be executed on the local host. If the X11 forwarding function is enabled, the attack surface is expanded and other users on the X11 server may attack the local host. If the function is not required in the service...

Configure a Proper Number of Concurrent Unauthenticated SSH Connections

Without knowing the password, an attacker can set up a large number of concurrent connections that have not been authenticated to consume system resources. The number of concurrent unauthenticated SSH connections is not configured in openEuler by default. You are advised to configure the upper...

Disable SysRq

SysRq enables users with physical access to access dangerous system-level commands in a computer. Therefore, it is advised to restrict the usage of the SysRq function. If SysRq is not disabled, you can use the keyboard to trigger SysRq. As a result, commands may be directly sent to the kernel,...

Configure Proper Policies for OUTPUT of nftables

There are two occasions in which a server sends outgoing packets: 1. The local host process proactively connects to an external server, for example, performing an HTTP access, or sending data to a log server. 2. The local host responds to the external access to the local services. If no policy is...

Ensure Kernel SMEP is Enabled

Supervisor Mode Execution Prevention SMEP can be enabled to prevent the user-space code execution on the kernel. If SMEP is not enabled, attackers can execute the user-space code through kernel-mode code redirection, which increases the attack surface and reduces system security. SMEP is enabled ...

New InsightCloudSec Compliance Pack: Key Takeaways From the Azure Security Benchmark V3

Implementing the proper security policies and controls to keep cloud environments, and the applications and sensitive data they host secure, is a daunting task for anyone. It’s even more of a challenge for folks that are just getting started on their journey to the cloud, and for teams that lack...

MITRE ATT&CK® mappings released for built-in Azure security controls

The Security Stack Mappings for Azure research project was published today, introducing a library of mappings that link built-in Azure security controls to the MITRE ATT&CK® techniques they mitigate against. Microsoft once again worked with the Center for Threat-Informed Defense and other Center...

Azure Security Benchmark—90 security and compliance best practices for your workloads in Azure

The Azure security team is pleased to announce that the Azure Security Benchmark v1 ASB is now available. ASB is a collection of over 90 security best practices recommendations you can employ to increase the overall security and compliance of all your workloads in Azure. The ASB controls are base...

Best practices for securely moving workloads to Microsoft Azure

Azure is Microsofts cloud computing environment. It offers customers three primary service delivery models including infrastructure as a service IaaS, platform as a service PaaS, and software as a service SaaS. Adopting cloud technologies requires a shared responsibility model for security, with...

WAF Security Benchmark: WAFPASS

WAF Security Benchmark WAFPASS Analysing parameters with all payloads’ bypass methods, aiming at benchmarking security solutions like WAF. Today a great number of website owners around the globe use “Web Application Firewalls” to improve their security. However, these security applications suffer...