520 matches found
MAL-2026-6039 Malicious code in @mastra/temporal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 214be711b41a8883e3252f0e9e41bc902d62da7650334b2efdc7424194989101 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
An Improved CNN-LSTM Based Intrusion Detection System for IoT Networks
With the rapid proliferation of IoT devices, security concerns have dramatically escalated and intrusion detection systems have become critical for protecting networked environments. This paper presents an improved CNN-LSTM based intrusion detection model that combines multi-class classification,...
MalTree: Tracing Malware Evolution from Embeddings at Scale
Malware detection remains largely reactive: machine learning models trained on known samples degrade as threats evolve. Understanding evolutionary relationships among malware families can inform proactive defense, but traditional reverse engineering can take months to years to uncover such lineag...
Introducing EvidenceForge: Synthetic security logs that don’t look (as) fake
Security teams need high-quality, labeled datasets to train threat hunters and incident responders, validate detection logic, and develop robust analytic models. EvidenceForge helps teams overcome the limitations of anonymized or stale public datasets, while avoiding the cost and complexity of...
Anonymous YARA Rules Are Not Anonymous
YARA rules are widely shared across threat intelligence communities to enable collective defence against malware. This practice implicitly assumes that removing metadata e.g., author fields sufficiently protects the identity of contributing organisations. To assess the validity of this assumption...
Analyzing Concentration, Temporal Routines and Targeting in Public Ransomware Leak Site Data
Ransomware has grown to become one of the most damaging types of cybercrime, affecting private and public organizations in any sector. While early types of ransomware targeted many victims via automated attacks, ransomware groups have started to specifically target organizations and companies in...
Adversarial Vulnerability under Temporal Concept Drift: A Longitudinal Study of Android Malware Detection
We present a longitudinal, drift-aware evaluation of adversarial robustness across more than a decade of Android applications using static and dynamic feature representations extracted from emulator and real-device executions. The dataset is organized into yearly slices and evaluated under three...
Parser-Free Querying of Security Logs
Security analysts routinely query system logs to detect threats and investigate incidents, but each log source uses its own semi-structured format: logs are cheap to produce, but expensive to use. The standard approach, building per-source parsers to normalize logs into structured schemas, is...
Measuring Security without Fooling Ourselves: Why Benchmarking Agents Is Hard
The benchmarks used to evaluate AI agents in security-critical roles suffer from crucial weaknesses. Building on recent empirical evidence, we characterize three core challenges that undermine security evaluations: benchmark vulnerabilities, temporal staleness, and runtime uncertainty. We then...
CLEANSTART-2026-WW41817 Security fixes for CVE-2026-26958, CVE-2026-33186, CVE-2026-33815, CVE-2026-33816, CVE-2026-34986, CVE-2026-39883, ghsa-78h2-9frx-2jm8, ghsa-9jj7-4m8r-rfcm, ghsa-fw7p-63qq-7hpr, ghsa-hfvc-g4fc-pqhx, ghsa-j88v-2chj-qfwx, ghsa-mh2q-q3fh-2475, ghsa-p77j-4mvh-x3m3 applied in versions: 1.29.6-r0
Multiple security vulnerabilities affect the temporal-server-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-HC15345 Security fixes for CVE-2026-24051, CVE-2026-25679, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, CVE-2026-33815, CVE-2026-33816, CVE-2026-34986, CVE-2026-39883, ghsa-78h2-9frx-2jm8, ghsa-9jj7-4m8r-rfcm, ghsa-hfvc-g4fc-pqhx, ghsa-j88v-2chj-qfwx, ghsa-mh2q-q3fh-2475 applied in versions: 1.29.2-r0, 1.29.2-r1, 1.29.2-r2, 1.31.0.153.1-r0
Multiple security vulnerabilities affect the temporal-server-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-JK52519 Security fixes for CVE-2026-26958, CVE-2026-33186, CVE-2026-33815, CVE-2026-33816, CVE-2026-34986, CVE-2026-39883, ghsa-78h2-9frx-2jm8, ghsa-9jj7-4m8r-rfcm, ghsa-fw7p-63qq-7hpr, ghsa-hfvc-g4fc-pqhx, ghsa-j88v-2chj-qfwx, ghsa-mh2q-q3fh-2475, ghsa-p77j-4mvh-x3m3 applied in versions: 1.29.6-r0
Multiple security vulnerabilities affect the temporal-server-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-PM06830 Security fixes for CVE-2026-26958, CVE-2026-33186, CVE-2026-33815, CVE-2026-33816, CVE-2026-34986, CVE-2026-39883, ghsa-78h2-9frx-2jm8, ghsa-9jj7-4m8r-rfcm, ghsa-fw7p-63qq-7hpr, ghsa-hfvc-g4fc-pqhx, ghsa-j88v-2chj-qfwx, ghsa-mh2q-q3fh-2475, ghsa-p77j-4mvh-x3m3 applied in versions: 1.29.6-r0
Multiple security vulnerabilities affect the temporal-server package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-KJ58915 Security fixes for CVE-2026-26958, CVE-2026-33186, CVE-2026-33815, CVE-2026-33816, CVE-2026-34986, CVE-2026-39883, ghsa-78h2-9frx-2jm8, ghsa-9jj7-4m8r-rfcm, ghsa-fw7p-63qq-7hpr, ghsa-hfvc-g4fc-pqhx, ghsa-j88v-2chj-qfwx, ghsa-mh2q-q3fh-2475, ghsa-p77j-4mvh-x3m3 applied in versions: 1.30.4-r0
Multiple security vulnerabilities affect the temporal-server package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-FO93349 Security fixes for CVE-2025-61732, CVE-2025-68121, CVE-2026-33186, CVE-2026-40890, ghsa-77fj-vx54-gvh7, ghsa-p77j-4mvh-x3m3 applied in versions: 2.44.0-r0, 2.48.2-r0
Multiple security vulnerabilities affect the temporal-ui-server-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-OH72236 Security fixes for CVE-2026-33815, CVE-2026-33816, CVE-2026-34986, CVE-2026-39883, ghsa-hfvc-g4fc-pqhx, ghsa-j88v-2chj-qfwx applied in versions: 1.31.0.153.1-r0, 1.31.0.153.3-r0, 1.31.0.153.3-r1
Multiple security vulnerabilities affect the temporal-server package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-UW08576 Security fixes for CVE-2026-24051, CVE-2026-25679, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, CVE-2026-33815, CVE-2026-33816, CVE-2026-34986, CVE-2026-39883, ghsa-78h2-9frx-2jm8, ghsa-9jj7-4m8r-rfcm, ghsa-hfvc-g4fc-pqhx, ghsa-j88v-2chj-qfwx, ghsa-mh2q-q3fh-2475 applied in versions: 1.29.2-r0, 1.29.2-r1, 1.29.2-r2, 1.31.0.153.1-r0
Multiple security vulnerabilities affect the temporal-server-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
Topical Shifts in the Dark Web: A Longitudinal Analysis of Content from the Cybercrime Ecosystem
The dark web hosts a dynamic ecosystem of cybercrime forums and marketplaces that adapt to law enforcement pressure, technological change, and economic incentives. Prior research has extracted cyber threat intelligence from these platforms using static snapshots, with limited attention to how...
Security-Aware Planning and Control of Multi-Agent Systems with LTL Tasks
This paper presents a secure-by-construction planning and control framework for multi-agent systems subject to linear temporal logic LTL specifications. The framework protects sensitive information from a passive intruder with partial observations of the agents' motion. Security in multi-agent...
Code-Centric Detection of Vulnerability-Fixing Commits: A Unified Benchmark and Empirical Study
Automated detection of vulnerability-fixing commits VFCs is critical for timely security patch deployment, as advisory databases lag patch releases by a median of 25 days and many fixes never receive advisories. We present a comprehensive evaluation of code language model based VFC detection...