Measuring Security without Fooling Ourselves: Why Benchmarking Agents Is Hard
The benchmarks used to evaluate AI agents in security-critical roles suffer from crucial weaknesses. Building on recent empirical evidence, we characterize three core challenges that undermine security evaluations: benchmark vulnerabilities, temporal staleness, and runtime uncertainty. We then...
Malicious code in is-really-odd (npm)
Source: ghsa-malware 7f205432fff885dce7a6dee0e8d1267c65944d3e486abd566683caeaad833692 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
FIRCE: A Framework for Intrusion Response and Conformal Evaluation
Machine learning-based intrusion detection systems deployed in real-world environments frequently suffer from model degradation due to concept drift, where changes in traffic patterns invalidate training assumptions. To address this, we present FIRCE, a Framework for Intrusion Response and...
Malicious code in @mx-shared/utils (npm)
Source: amazon-inspector 80722921f3ba7863b8f28031aa4edf777ce8e270fab10bcead75016a286cb125 The package @mx-shared/utils was found to contain malicious code. Source: ghsa-malware 30ead10eaa18cee42152061c23ee9a84c465e687911f78dd1ae0c613f1c2b1...
Conflict-Aware Robust Design for Covert Wireless Communications
Covert wireless communication aims to establish a reliable link while hiding the transmission from an adversary. In wireless settings, uncertainty plays a central role in this tradeoff: it can help mask the signal from a warden, but it also complicates robust system design. This raises a basic...
Malicious code in @emilgroup/billing-sdk-node (npm)
Source: amazon-inspector 08d6e9b450a96ca7b1280b8799dd80c62762d7025a50ea25eabf80c69eb0bb9e The package @emilgroup/billing-sdk-node was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1519 Malicious code in import-newlines (npm)
The package 'import-newlines' is part of the PhantomRaven supply chain attack campaign, Wave 2. It uses a Remote Dynamic Dependency (RDD) technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
Deep Learning-Driven Friendly Jamming for Secure Multicarrier ISAC under Channel Uncertainty
Integrated sensing and communication (ISAC) systems promise efficient spectrum utilization by jointly supporting radar sensing and wireless communication. This paper presents a deep learning-driven framework for enhancing physical-layer security in multicarrier ISAC systems under imperfect channel...
Malicious code in whop-sdk (npm)
Source: amazon-inspector 943bd287cb6375798fdee15ba33f85737201ea9934952ee5d1f2a2336e8cd65c The package whop-sdk was found to contain malicious code. Source: ghsa-malware 4c3e9ca78194532c222b978afd00f7bb4be1ca1ba6cd442e1892d17ee6e67ccc Any...
MAL-2026-1185 Malicious code in @bookings.microsoft.com/s (npm)
Source: amazon-inspector aa10e8f4ab4580d4d9aedaee9a9e0c036b3248364f0680727df6871025d7e2f9 The package @bookings.microsoft.com/s was found to contain malicious code. Source: ghsa-malware...
Malicious code in @zakhaevv/envai (npm)
Source: amazon-inspector ccd4de2673a9f50b205b51474085ef3eb3e78f06618873183038582fb48bacfe The package @zakhaevv/envai was found to contain malicious code. Source: ghsa-malware 12157c0eeb0adb6f316ee9f171691ae08e204ec84f3ad7dabf9213e2af244b7...
AMDS: Attack-Aware Multi-Stage Defense System for Network Intrusion Detection with Two-Stage Adaptive Weight Learning
Machine learning-based network intrusion detection systems are vulnerable to adversarial attacks that degrade classification performance under both gradient-based and distribution-shift threat models. Existing defenses typically apply uniform detection strategies, which may not account for...
Red-Teaming Claude Opus and ChatGPT-Based Security Advisors for Trusted Execution Environments
Trusted Execution Environments (TEEs), e.g., Intel SGX and Arm TrustZone, aim to protect sensitive computation from a compromised operating system, yet real deployments remain vulnerable to microarchitectural leakage, side-channel attacks, and fault injection. In parallel, security teams increasingly...
Agentic AI for Cybersecurity: A Meta-Cognitive Architecture for Governable Autonomy
Contemporary AI-driven cybersecurity systems are predominantly architected as model-centric detection and automation pipelines optimized for task-level performance metrics such as accuracy and response latency. While effective for bounded classification tasks, these architectures struggle to...
MAL-2026-767 Malicious code in 0xhash-utils (npm)
Source: amazon-inspector 6533d0ccd6be4affddc7247e6f5e925ac35fbe47d877eb2cc0ace6e493acc497 The package 0xhash-utils was found to contain malicious code. Source: ghsa-malware df192d86e51f442508e66c54064ef3c8d9c2cbe92133f87a522bc968dc4f6f45 A...
Toward Risk Thresholds for AI-Enabled Cyber Threats: Enhancing Decision-Making under Uncertainty with Bayesian Networks
Artificial intelligence (AI) is increasingly being used to augment and automate cyber operations, altering the scale, speed, and accessibility of malicious activity. These shifts raise urgent questions about when AI systems introduce unacceptable or intolerable cyber risk, and how risk thresholds...
MAL-2026-403 Malicious code in worldnormal (npm)
Source: amazon-inspector 406eb16c91569acae88fa2f33de6107f6a758568c40b800908ac924d1a7e87fd The package worldnormal was found to contain malicious code. Source: ghsa-malware 1c9bf70b2f92f241477ec0cae21b7f094e1d4d1090cbb837bfd90fa9430f26ac An...
Malicious code in victim-package-b (npm)
Source: amazon-inspector 152e8188fd82f0ea4ee410d725bb96ab33af5767241fcefb555ef8dfaffd39bf The package victim-package-b was found to contain malicious code. Source: ghsa-malware 324aadc54f696916c968e82f4704d088384eab1ce76c08f2a3d3d0aa59fece...
Finite-Size Security of QKD: Comparison of Three Proof Techniques
We compare three proof techniques for composable finite-size security of quantum key distribution under collective attacks, with emphasis on how the resulting secret-key rates behave at practically relevant block lengths. As a benchmark, we consider the BB84 protocol and evaluate finite-size...
Decision-Aware Trust Signal Alignment for SOC Alert Triage
Detection systems that use machine learning are increasingly deployed in Security Operations Centers (SOCs) to help analysts filter through high volumes of security alerts. In practice, such systems tend to expose probabilistic outputs or confidence scores that are poorly calibrated and...