Bastet: A Fine-Grained Expert-Labeled Dataset for DeFi Smart Contract Vulnerability Detection
Smart contract vulnerabilities in Decentralized Finance (DeFi) protocols resulted in over 1.49 billion USD in confirmed losses in 2024 alone, across 192 incidents [1]. As LLM-based vulnerability detection emerges as a promising approach to address these threats, the quality of evaluation datasets has...
snyk-agentic-appsec-poc
Snyk Agentic AppSec POC: Proof of concept demonstrating autono...
Quality and Security Signals in AI-Generated Python Refactoring Pull Requests
As AI agents increasingly contribute to code development and maintenance, there is still limited empirical evidence on the quality and risk characteristics of their changes in real-world projects, particularly for refactoring-oriented contributions. It remains unclear how agent-authored refactori...
PickleFuzzer: A Case Study in Fuzzing for Discrepancies between Python Pickle Implementations
Python's native serialization protocol, pickle, is a powerful but insecure format for transferring untrusted data. It is frequently used, especially for saving machine learning models, despite known security challenges. While developers sometimes mitigate this risk by restricting imports during...
ExploitSense
ExploitSense is a local-first vulnerability anal...
PT-2026-33315
Name of the Vulnerable Software and Affected Versions: Horilla version 1.5.0. Description: An insecure direct object reference in the employee document viewer allows any authenticated user to access uploaded documents of other employees by modifying the document ID in the request. This can lead to t...
PT-2026-33317
Name of the Vulnerable Software and Affected Versions: Horilla version 1.5.0. Description: A broken access control issue in the helpdesk attachment viewer allows any authenticated user to view attachments from other tickets by modifying the attachment ID. This flaw can lead to the exposure of...
PT-2026-33316
Name of the Vulnerable Software and Affected Versions: Horilla version 1.5.0. Description: An insecure direct object reference in the employee document upload endpoint allows any authenticated user to overwrite, replace, or corrupt another employee's document by changing the document ID in the uploa...
GitHub expands application security coverage with AI‑powered detections
AI is accelerating software development and expanding the range of languages and frameworks used in modern repositories. Security teams are increasingly responsible for protecting code written across many ecosystems, not just the core enterprise languages traditionally covered by static analysis...
5 Steps to Turn Compliance Checks into Audit Outcomes
Key Takeaways: Audit readiness remains reactive in many organizations, even though security and compliance teams generate continuous findings, evidence, and control data across multiple systems. The real challenge is the gap between compliance activity and audit outcomes, where large volumes of da...
EUVD-2025-205038
Not used...
EUVD-2025-203973
A logic issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.2. An app may be able to access sensitive user data...
EUVD-2020-23270
Malware in sbrugna...
EUVD-2025-8099
Malicious code in bioql PyPI...
CERTFR-2025-ACT-032

| creationtimestamp | type | source |
|---|---|---|
| 2025-08-04 12:46:14+00:00 | seen | https://bsky.app/profile/cert-fr.bsky.social/post/3lvl7z56ibm26 |
| 2025-08-04 16:38:31+00:00 | seen | https://bsky.app/profile/infosecfr.skyfleet.blue/post/3lvlmyiagdq2c... |

GHSA-VMQ6-5M68-F53M

| creationtimestamp | type | source |
|---|---|---|
| 2025-07-16 03:20:51+00:00 | seen | https://gist.github.com/safer-bot/4a0c1681f4dce611ef9b2d8ad2491ce6 |
| 2025-07-16 03:41:01+00:00 | seen | https://gist.github.com/safer-bot/1311a1d6fbeee3ebfc44b603cc3c1e8e |
| 2025-07-16 03:46:52+00:00 | seen | ... |

Wiz and AWS Security Hub Enhance Cloud Risk Prioritization
Wiz joins as a launch partner for AWS Security Hub to help customers act faster on prioritized security findings...
CVE-2025-46420

| creationtimestamp | type | source |
|---|---|---|
| 2025-04-24 13:05:59+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/13218 |
| 2025-04-24 14:16:52+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnkt4xahclj2 |
| 2025-04-24 15:49:31+00:00 | seen | ... |

CVE-2022-46945

| creationtimestamp | type | source |
|---|---|---|
| 2025-04-16 06:53:31+00:00 | seen | https://bsky.app/profile/nimblenerd.social/post/3lmvyz4qv322j |
| 2025-04-17 21:02:30+00:00 | seen | https://bsky.app/profile/beikokucyber.bsky.social/post/3lmzyvyf7du2a... |

SpyCloud Research Shows that Endpoint Detection and Antivirus Solutions Miss Two-Thirds (66%) of Malware Infections
Austin, TX, USA, 7th April 2025, CyberNewsWire...