Lucene search

185 matches found

Packet Storm News
added 2025/09/29 12:0 a.m., 2 views

STAC: When Innocent Tools Form Dangerous Chains to Jailbreak LLM Agents

As LLMs advance into autonomous agents with tool-use capabilities, they introduce security challenges that extend beyond traditional content-based LLM safety concerns. This paper introduces Sequential Tool Attack Chaining (STAC), a novel multi-turn attack framework that exploits agent tool use. STA...

AI score: 7.4
Exploits: 0

Gitee
added 2025/09/20 4:7 a.m., 143 views

cs253.stanford.edu

It is an offensive tool for web application security education. The repository contains a collection of assignments and exercises for the CS 253 Web Security course at Stanford University. The assignments are designed to educate students on various web security topics, including client-side...

AI score: 6.9
Exploits: 0

Packet Storm News
added 2025/08/15 12:0 a.m., 3 views

Defending a City from Multi-Drone Attacks: a Sequential Stackelberg Security Games Approach

To counter an imminent multi-drone attack on a city, defenders have deployed drones across the city. These drones must intercept/eliminate the threat, thus reducing potential damage from the attack. We model this as a Sequential Stackelberg Security Game, where the defender first commits to a mix...

AI score: 6.8
Exploits: 0

RedhatCVE
added 2025/08/10 4:29 p.m., 3 views

CVE-2025-47872

The public-facing product registration endpoint server responds differently depending on whether the S/N is valid and unregistered, valid but already registered, or does not exist in the database. Combined with the fact that serial numbers are sequentially assigned, this allows an attacker to gai...

CVSS: 6.9, AI score: 6.8, EPSS: 0.00072
Exploits: 0, References: 1

Vulnrichment
added 2025/08/08 4:14 p.m., 2 views

CVE-2025-47872 EG4 Electronics EG4 Inverters Observable Discrepancy

The public-facing product registration endpoint server responds differently depending on whether the S/N is valid and unregistered, valid but already registered, or does not exist in the database. Combined with the fact that serial numbers are sequentially assigned, this allows an attacker to gai...

CVSS: 6.9, AI score: 6.7, EPSS: 0.00072
Exploits: 0, References: 2

Packet Storm News
added 2025/07/22 12:0 a.m., 2 views

LLM4MEA: Data-Free Model Extraction Attacks on Sequential Recommenders Via Large Language Models

Recent studies have demonstrated the vulnerability of sequential recommender systems to Model Extraction Attacks (MEAs). MEAs collect responses from recommender systems to replicate their functionality, enabling unauthorized deployments and posing critical privacy and security risks. Black-box...

AI score: 6.9
Exploits: 0

Packet Storm News
added 2025/07/06 12:0 a.m., 2 views

Adaptive Malware Detection Using Sequential Feature Selection: a Dueling Double Deep Q-Network (D3QN) Framework for Intelligent Classification

Traditional malware detection methods exhibit computational inefficiency due to exhaustive feature extraction requirements, creating accuracy-efficiency trade-offs that limit real-time deployment. We formulate malware classification as a Markov Decision Process with episodic feature acquisition a...

AI score: 6.8
Exploits: 0

Packet Storm News
added 2025/06/12 12:0 a.m., 1 view

MAYA: Addressing Inconsistencies in Generative Password Guessing through a Unified Benchmark

Recent advances in generative models have led to their application in password guessing, with the aim of replicating the complexity, structure, and patterns of human-created passwords. Despite their potential, inconsistencies and inadequate evaluation methodologies in prior research have hindered...

AI score: 7
Exploits: 0

Packet Storm News
added 2025/06/10 12:0 a.m., 2 views

SoK: Machine Unlearning for Large Language Models

Large language model (LLM) unlearning has become a critical topic in machine learning, aiming to eliminate the influence of specific training data or knowledge without retraining the model from scratch. A variety of techniques have been proposed, including Gradient Ascent, model editing, and...

AI score: 7
Exploits: 0

Packet Storm News
added 2025/06/03 12:0 a.m., 2 views

Tarallo: Evading Behavioral Malware Detectors in the Problem Space

Machine learning algorithms can effectively classify malware through dynamic behavior but are susceptible to adversarial attacks. Existing attacks, however, often fail to find an effective solution in both the feature and problem spaces. This issue arises from not addressing the intrinsic...

AI score: 6.8
Exploits: 0

Packet Storm News
added 2025/05/29 12:0 a.m., 2 views

Joint Data Hiding and Partial Encryption of Compressive Sensed Streams

The paper proposes a method to secure the Compressive Sensing (CS) streams. It consists in protecting part of the measurements by a secret key and inserting the code into the rest. The secret key is generated via a cryptographically secure pseudo-random number generator (CSPRNG) and XORed with the...

AI score: 6.9
Exploits: 0

Packet Storm News
added 2025/05/14 12:0 a.m., 2 views

Privacy-Preserving Runtime Verification

Runtime verification offers scalable solutions to improve the safety and reliability of systems. However, systems that require verification or monitoring by a third party to ensure compliance with a specification might contain sensitive information, causing privacy concerns when usual runtime...

AI score: 6.8
Exploits: 0

Tenable Nessus
added 2025/04/10 12:0 a.m., 6 views

Moodle 3.11.x < 3.11.16 Multiple Vulnerabilities

According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.23, 3.11.x prior to 3.11.16, 4.0.x prior to 4.0.10, 4.1.x prior to 4.1.5 or 4.2.x prior to 4.2.2. It is, therefore, affected by multiple vulnerabilities. - Insufficient limitations made it possibl...

AI score: 7.4
Exploits: 0, References: 24

Tenable Nessus
added 2025/04/10 12:0 a.m., 7 views

Moodle 4.1.x < 4.1.5 Multiple Vulnerabilities

According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.23, 3.11.x prior to 3.11.16, 4.0.x prior to 4.0.10, 4.1.x prior to 4.1.5 or 4.2.x prior to 4.2.2. It is, therefore, affected by multiple vulnerabilities. - Insufficient limitations made it possibl...

AI score: 7.4
Exploits: 0, References: 24

Tenable Nessus
added 2025/04/10 12:0 a.m., 6 views

Moodle < 3.9.23 Multiple Vulnerabilities

According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.23, 3.11.x prior to 3.11.16, 4.0.x prior to 4.0.10, 4.1.x prior to 4.1.5 or 4.2.x prior to 4.2.2. It is, therefore, affected by multiple vulnerabilities. - Insufficient limitations made it possibl...

AI score: 7.4
Exploits: 0, References: 24

RedhatCVE
added 2025/04/06 5:16 p.m., 9 views

CVE-2025-32263

Cross-Site Request Forgery (CSRF) vulnerability in BeRocket Sequential Order Numbers for WooCommerce sequential-order-numbers-for-woocommerce allows Cross Site Request Forgery. This issue affects Sequential Order Numbers for WooCommerce: from n/a through <= 3.6.2...

CVSS: 4.3, AI score: 7.2, EPSS: 0.00452
Exploits: 0, References: 1

NVD
added 2025/04/04 4:15 p.m., 3 views

CVE-2025-32263

Cross-Site Request Forgery (CSRF) vulnerability in BeRocket Sequential Order Numbers for WooCommerce sequential-order-numbers-for-woocommerce allows Cross Site Request Forgery. This issue affects Sequential Order Numbers for WooCommerce: from n/a through <= 3.6.2...

CVSS: 4.3, EPSS: 0.00452
Exploits: 0, References: 1

CVE
added 2025/04/04 3:59 p.m., 34 views

CVE-2025-32263

Technical details (affected versions beyond 3.6.2, root cause, exploit info, remediation) are not provided in the supplied documents; monitoring is advised.

CVSS: 4.3, AI score: 7.2, EPSS: 0.00452
Exploits: 0, References: 1

Vulnrichment
added 2025/04/04 3:59 p.m., 3 views

CVE-2025-32263 WordPress Sequential Order Numbers for WooCommerce plugin <= 3.6.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in BeRocket Sequential Order Numbers for WooCommerce sequential-order-numbers-for-woocommerce allows Cross Site Request Forgery. This issue affects Sequential Order Numbers for WooCommerce: from n/a through <= 3.6.2...

CVSS: 4.3, AI score: 7.2, EPSS: 0.00452
Exploits: 0, References: 1

CNNVD
added 2025/04/04 12:0 a.m., 2 views

WordPress plugin Sequential Order Numbers for WooCommerce Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

CVSS: 4.3, AI score: 6, EPSS: 0.00452
Exploits: 0, References: 2