823 matches found
BayreuthWing
A transformer-based deep learning system for detecting securit...
RansomTrack: A Hybrid Behavioral Analysis Framework for Ransomware Detection
Ransomware poses a serious and fast-acting threat to critical systems, often encrypting files within seconds of execution. Research indicates that ransomware is the most reported cybercrime in terms of financial damage, highlighting the urgent need for early-stage detection before encryption is...
Broken Quantum: A Systematic Formal Verification Study of Security Vulnerabilities across the Open-Source Quantum Computing Simulator Ecosystem
Quantum computing simulators form the classical software foundation on which virtually all quantum algorithm research depends. We present Broken Quantum, the first comprehensive formal security audit of the open-source quantum computing simulator ecosystem. Applying COBALT QAI -- a four-module...
dst-engine
DST: Deterministic Security Testing Static analysis that does...
CritBench: A Framework for Evaluating Cybersecurity Capabilities of Large Language Models in IEC 61850 Digital Substation Environments
The advancement of Large Language Models LLMs has raised concerns regarding their dual-use potential in cybersecurity. Existing evaluation frameworks overwhelmingly focus on Information Technology IT environments, failing to capture the constraints, and specialized protocols of Operational...
Guiding Symbolic Execution with Static Analysis and LLMs for Vulnerability Discovery
Symbolic execution detects vulnerabilities with precision, but applying it to large codebases requires harnesses that set up symbolic state, model dependencies, and specify assertions. Writing these harnesses has traditionally been a manual process requiring expert knowledge, which significantly...
Argus: Reorchestrating Static Analysis Via a Multi-Agent Ensemble for Full-Chain Security Vulnerability Detection
Recent advancements in Large Language Models LLMs have sparked interest in their application to Static Application Security Testing SAST, primarily due to their superior contextual reasoning capabilities compared to traditional symbolic or rule-based methods. However, existing LLM-based approache...
A Multi-Agent Framework for Automated Exploit Generation with Constraint-Guided Comprehension and Reflection
Open-source libraries are widely used in modern software development, introducing significant security vulnerabilities. While static analysis tools can identify potential vulnerabilities at scale, they often generate overwhelming reports with high false positive rates. Automated Exploit Generatio...
Credential Leakage in LLM Agent Skills: A Large-Scale Empirical Study
Third-party skills extend LLM agents with powerful capabilities but often handle sensitive credentials in privileged environments, making leakage risks poorly understood. We present the first large-scale empirical study of this problem, analyzing 17,022 skills sampled from 170,226 on SkillsMP usi...
Quantum-Safe Code Auditing: LLM-Assisted Static Analysis and Quantum-Aware Risk Scoring for Post-Quantum Cryptography Migration
The impending arrival of cryptographically relevant quantum computers CRQCs threatens the security foundations of modern software: Shor's algorithm breaks RSA, ECDSA, ECDH, and Diffie-Hellman, while Grover's algorithm reduces the effective security of symmetric and hash-based schemes. Despite NIS...
An Empirical Comparison of Security and Privacy Characteristics of Android Messaging Apps
Mobile messaging apps are a fundamental communication infrastructure, used by billions of people every day to share information, including sensitive data. Security and Privacy are thus critical concerns for such applications. Although the cryptographic protocols prevalent in messaging apps are...
Debt behind the AI Boom: A Large-Scale Empirical Study of AI-Generated Code in the Wild
AI coding assistants are now widely used in software development. Software developers increasingly integrate AI-generated code into their codebases to improve productivity. Prior studies have shown that AI-generated code may contain code quality issues under controlled settings. However, we still...
ANT-2026-9VJ9JJXQ · junrar · Path Traversal
path-traversal medium GHSA-j273-m5qq-6825 Severity Claude high · Security research firm - · Maintainer medium Discovered by Claude Mythos Preview REPORT The report below was sent to the maintainer and sealed at approval. ANT-2026-9VJ9JJXQ: Arbitrary file write due to backslash path traversal...
ANT-2026-H5T8XKWR · TryGhost/Ghost · sql-injection
sql-injection critical GHSA-w52v-v783-gw97 Severity Claude critical · Security research firm - · Maintainer critical Discovered by Claude Mythos Preview REPORT The report below was sent to the maintainer and sealed at approval. ANT-2026-H5T8XKWR: SQL injection in Content API The Ghost Content API...
penclaw
🦀 PenClaw AI-powered penetration testing CLI. One command...
Finding Memory Leaks in C/C++ Programs Via Neuro-Symbolic Augmented Static Analysis
Memory leaks remain prevalent in real-world C/C++ software. Static analyzers such as CodeQL provide scalable program analysis but frequently miss such bugs because they cannot recognize project-specific custom memory-management functions and lack path-sensitive control-flow modeling. We present...
Synopsys Coverity Connect 安全漏洞
Synopsys Coverity Connect is a web-based platform provided by Synopsys, Inc. It primarily consists of static code analysis tools and dynamic code analysis tools. Synopsys Coverity Connect has security vulnerabilities; one of these vulnerabilities stems from the identity verification logic in the...
SUSE CVE-2026-23344
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix use-after-free on error path In the error path of sevtsminitlocked, the code dereferences 't' after it has been freed with kfree. The prerr statement attempts to access t-tioen and t-tioinitdone after the memory...
Claude Code Security and Magecart: Getting the Threat Model Right
When a Magecart payload hides inside the EXIF data of a dynamically loaded third-party favicon, no repository scanner will catch it – because the malicious code never actually touches your repo. As teams adopt Claude Code Security for static analysis, this is the exact technical boundary where AI...
Hybrid-Vulnerability-Analyzer
🛡️ Hybrid AI Vulnerability Analyzer & PoC/Exploit Generator A...