VulTriage: Triple-Path Context Augmentation for LLM-Based Vulnerability Detection
Automated vulnerability detection is a fundamental task in software security, yet existing learning-based methods still struggle to capture the structural dependencies, domain-specific vulnerability knowledge, and complex program semantics required for accurate detection. Recent Large Language...
RRC Steganography
This is a proof-of-concept tool called Rotation Range-Coding (RRC) Steganography - an efficient and provably secure linguistic steganographic method that embeds secret messages into natural-language text generated by large language models. Included is the whitepaper discussing this tool called...
AgentWatcher: A Rule-Based Prompt Injection Monitor
Large language models (LLMs) and their applications, such as agents, are highly vulnerable to prompt injection attacks. State-of-the-art prompt injection detection methods have the following limitations: (1) their effectiveness degrades significantly as context length increases, and (2) they lack...
ProHunter APT Hunting Tool / Paper
Advanced Persistent Threats (APTs) remain difficult to detect due to their stealthy nature and long-term persistence. To tackle this challenge, provenance-based threat hunting has gained traction as a proactive defense mechanism. This technique models audit logs as a whole-system provenance graph a...
Exploit for CVE-2026-1404
wordpress-vulnerability-fix WordPress XSS Vulnerability Ass...
CVE-Factory: Scaling Expert-Level Agentic Tasks for Code Security Vulnerability
CVE-Factory is a Multi-Agent system for fully automated, end-to-end CVE reproduction. Given CVE records, the system automatically researches details, generates test cases, builds Docker environments, and validates that each vulnerability can be both exploited and patched. The pipeline transforms...
The Promptware Kill Chain: How Prompt Injections Gradually Evolved into a Multi-Step Malware
Whitepaper called The Promptware Kill Chain: How Prompt Injections Gradually Evolved Into A Multi-Step Malware...
LLM Causality Analysis Framework
A comprehensive framework for multi-level causality analysis in Large Language Models (LLMs), enabling systematic investigation of safety mechanisms and misbehavior detection across token, neuron, layer, and representation levels. Includes the whitepaper 2512.04841.pdf titled SoK: A Comprehensive...
Bridging the Gap in Vision Language Models in Identifying Unsafe Concepts across Modalities
Whitepaper called Bridging The Gap In Vision Language Models In Identifying Unsafe Concepts Across Modalities...
Crypto-Assisted Graph Degree Sequence Release under Local Differential Privacy
Whitepaper called Crypto-Assisted Graph Degree Sequence Release Under Local Differential Privacy...
Several New Classes of Self-Orthogonal Minimal Linear Codes Violating the Ashikhmin-Barg Condition
Whitepaper called Several New Classes Of Self-Orthogonal Minimal Linear Codes Violating The Ashikhmin-Barg Condition...
Evaluating Post-Quantum Cryptographic Algorithms on Resource-Constrained Devices
Whitepaper called Evaluating Post-Quantum Cryptographic Algorithms On Resource-Constrained Devices...
How Not to Detect Prompt Injections with an LLM
Whitepaper called How Not To Detect Prompt Injections With An LLM...
Pseudo-Equilibria, Or: How to Stop Worrying about Crypto and Just Analyze the Game
Whitepaper called Pseudo-Equilibria, Or: How To Stop Worrying About Crypto And Just Analyze The Game...
Practical and Accurate Local Edge Differentially Private Graph Algorithms
Whitepaper called Practical And Accurate Local Edge Differentially Private Graph Algorithms...
Private Model Personalization Revisited
Whitepaper called Private Model Personalization Revisited...
PolyGuard: Massive Multi-Domain Safety Policy-Grounded Guardrail Dataset
Whitepaper called PolyGuard: Massive Multi-Domain Safety Policy-Grounded Guardrail Dataset...
Gh0stEdit: Exploiting Layer-Based Access Vulnerability within Docker Container Images
Whitepaper called Gh0stEdit: Exploiting Layer-Based Access Vulnerability Within Docker Container Images...
A Reward-Driven Automated Webshell Malicious-Code Generator for Red-Teaming
Whitepaper called A Reward-Driven Automated Webshell Malicious-Code Generator For Red-Teaming...
Private Lossless Multiple Release
Whitepaper called Private Lossless Multiple Release...