3 matches found
Red Teaming Program Repair Agents: When Correct Patches Can Hide Vulnerabilities
LLM-based agents are increasingly deployed for software maintenance tasks such as automated program repair APR. APR agents automatically fetch GitHub issues and use backend LLMs to generate patches that fix the reported bugs. However, existing work primarily focuses on the functional correctness ...
Hiding Vulnerabilities in Source Code
Really interesting research demonstrating how to hide vulnerabilities in source code by manipulating how Unicode text is displayed. Its really clever, and not the sort of attack one would normally think about. From Ross Andersons blog: We have discovered ways of manipulating the encoding of sourc...
leosreds.de Cross Site Scripting vulnerability OBB-1431223
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...