Backdoor Threats in Variational Quantum Circuits: Taxonomy, Attacks, and Defenses
Variational quantum algorithms (VQAs) are a central paradigm for noisy intermediate-scale (NISQ) quantum computing, yet their reliance on predesigned and pretrained variational quantum circuits (VQCs) introduces critical security vulnerabilities, particularly backdoor attacks. These attacks embed hidde...
Assertain: Automated Security Assertion Generation Using Large Language Models
The increasing complexity of modern system-on-chip designs amplifies hardware security risks and makes manual security property specification a major bottleneck in formal property verification. This paper presents Assertain, an automated framework that integrates RTL design analysis, Common...
Improved Leakage Abuse Attacks in Searchable Symmetric Encryption with EBPF Monitoring
Searchable Symmetric Encryption (SSE) allows users to search over encrypted data stored on untrusted servers, like cloud providers. While SSE hides the content of queries and documents, it still leaks patterns, such as how often a query is made. These leakages have been shown to enable leakage abus...
The Role of Learning in Attacking Intrusion Detection Systems
Recent work on network attacks has demonstrated that ML-based network intrusion detection systems (NIDS) can be evaded with adversarial perturbations. However, these attacks rely on complex optimizations that have large computational overheads, making them impractical in many real-world settings. ...
Abusing the Internet of Medical Things: Evaluating Threat Models and Forensic Readiness for Multi-Vector Attacks on Connected Healthcare Devices
Individuals experiencing interpersonal violence (IPV), who depend on medical devices, represent a uniquely vulnerable population as healthcare technologies become increasingly connected. Despite rapid growth in MedTech innovation and "health-at-home" ecosystems, the intersection of MedTech...
A Survey of Agentic AI and Cybersecurity: Challenges, Opportunities and Use-Case Prototypes
Agentic AI marks an important transition from single-step generative models to systems capable of reasoning, planning, acting, and adapting over long-lasting tasks. By integrating memory, tool use, and iterative decision cycles, these systems enable continuous, autonomous workflows in real-world...
Publish Your Threat Models! The Benefits Far Outweigh the Dangers
Threat modeling has long guided software development work, and we consider how Public Threat Models (PTM) can convey useful security information to others. We list some early adopter precedents, explain the many benefits, address potential objections, and cite regulatory drivers. Internal threat...
SoK: Taxonomy and Evaluation of Prompt Security in Large Language Models
Large Language Models (LLMs) have rapidly become integral to real-world applications, powering services across diverse sectors. However, their widespread deployment has exposed critical security risks, particularly through jailbreak prompts that can bypass model alignment and induce harmful outputs...
Balancing Privacy and Efficiency: Music Information Retrieval Via Additive Homomorphic Encryption
In the era of generative AI, ensuring the privacy of music data presents unique challenges: unlike static artworks such as images, music data is inherently temporal and multimodal, and it is sampled, transformed, and remixed at an unprecedented scale. These characteristics make its core vector...
Space Cybersecurity Testbed: Fidelity Framework, Example Implementation, and Characterization
Cyber threats against space infrastructures, including satellites and systems on the ground, have not been adequately understood. Testbeds are important to deepen our understanding and validate space cybersecurity studies. The state of the art is that there are very few studies on building...
The Hitchhiker's Guide to Efficient, End-to-End, and Tight DP Auditing
This paper systematizes research on auditing Differential Privacy (DP) techniques, aiming to identify key insights into the current state of the art and open challenges. First, we introduce a comprehensive framework for reviewing work in the field and establish three cross-contextual desiderata tha...
Dynamic Risk Assessments for Offensive Cybersecurity Agents
Foundation models are increasingly becoming better autonomous programmers, raising the prospect that they could also automate dangerous offensive cyber-operations. Current frontier model audits probe the cybersecurity risks of such agents, but most fail to account for the degrees of freedom...
User Perceptions and Attitudes toward Untraceability in Messaging Platforms
Mainstream messaging platforms offer a variety of features designed to enhance user privacy, such as disappearing messages, password-protected chats, and end-to-end encryption (E2EE), which primarily protect message contents. Beyond contents, the transmission of messages generates metadata that can...
A Red Teaming Roadmap Towards System-Level Safety
Large Language Model (LLM) safeguards, which implement request refusals, have become a widely adopted mitigation strategy against misuse. At the intersection of adversarial machine learning and AI safety, safeguard red teaming has effectively identified critical vulnerabilities in state-of-the-art...
Comprehensive Vulnerability Analysis Is Necessary for Trustworthy LLM-MAS
This paper argues that a comprehensive vulnerability analysis is essential for building trustworthy Large Language Model-based Multi-Agent Systems (LLM-MAS). These systems, which consist of multiple LLM-powered agents working collaboratively, are increasingly deployed in high-stakes applications bu...
VideoMarkBench: Benchmarking Robustness of Video Watermarking
The rapid development of video generative models has led to a surge in highly realistic synthetic videos, raising ethical concerns related to disinformation and copyright infringement. Recently, video watermarking has been proposed as a mitigation strategy by embedding invisible marks into...
DoomArena: a Framework for Testing AI Agents against Evolving Security Threats
We present DoomArena, a security evaluation framework for AI agents. DoomArena is designed on three principles: (1) It is a plug-in framework and integrates easily into realistic agentic frameworks like BrowserGym for web agents and $\tau$-bench for tool calling agents; (2) It is configurable and allows...
Security-First AI: Foundations for Robust and Trustworthy Systems
The conversation around artificial intelligence (AI) often focuses on safety, transparency, accountability, alignment, and responsibility. However, AI security, i.e., the safeguarding of data, models, and pipelines from adversarial manipulation, underpins all of these efforts. This manuscript posits...
Side Channels Are Common
Really interesting research: "Lend Me Your Ear: Passive Remote Physical Side Channels on PCs." Abstract: We show that built-in sensors in commodity PCs, such as microphones, inadvertently capture electromagnetic side-channel leakage from ongoing computation. Moreover, this information is often...
GHSA-56WV-2WR9-3H9R Improper Verification of Cryptographic Signature in fastecdsa
An issue was discovered in fastecdsa before 2.1.2. When using the NIST P-256 curve in the ECDSA implementation, the point at infinity is mishandled. This means that for an extreme value in k and s^-1, the signature verification fails even if the signature is correct. This behavior is not solely a...