6509 matches found
GNUnet P2P Framework 0.26.2
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP IPv4 and IPv6, TCP IPv4 and IPv6, HTTP, o...
IServ Schoolserver User Enumeration
IServ Schoolserver suffers from a user enumeration vulnerability. The vendor does not feel this is an issue...
CVE MCP Server 0.2.0
CVE MCP Server is a production-grade Model Context Protocol (MCP) server that turns Claude into a full-spectrum security analyst. Instead of juggling 15+ browser tabs across NVD, EPSS, CISA KEV, Shodan, VirusTotal, and GreyNoise, ask Claude one question and get correlated intelligence in seconds...
Joern 4.0.562
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and JavaScript...
WPProbe Plugin Enumeration Tool 0.12.1
A fast WordPress plugin and theme scanner that detects installed plugins via REST API enumeration and themes from HTML discovery, then maps them to known vulnerabilities. Over 5,000 plugins detectable without brute-force, thousands more with it...
Maestro 0.17.1
Maestro is a cross-platform desktop app for orchestrating your fleet of AI agents and projects. It's a high-velocity solution for hackers who are juggling multiple projects in parallel. Designed for power users who live on the keyboard and rarely touch the mouse. Collaborate with AI to create...
Faraday 5.22.0
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use...
AI Toolchain Hijacked: IDE Plugin API Key Theft
Whitepaper called AI Toolchain Hijacked: IDE Plugin API Key Theft. The proliferation of AI-assisted development tools has substantially changed how developers configure and manage credentials in their working environment. Where a developer's IDE once contained little more than syntax highlighting...
Apple Security Advisory 06-16-2026-1
Apple Security Advisory 06-16-2026-1 - Beats Firmware Update 1B211 addresses an eavesdropping vulnerability...
YAMCS Authentication Endpoint Enumeration Script
A low-risk security assessment utility that identifies a YAMCS instance, queries version information, tests the OAuth authentication endpoint with invalid credentials, and observes how the server handles special characters in usernames. The script performs basic reconnaissance and input-validatio...
Joplin Plugin Persistence
This Metasploit module installs a malicious Joplin plugin .jpl into the target's Joplin plugin directory. The plugin executes the payload each time Joplin is launched, providing persistent code execution. Joplin cannot be running at the time of plugin installation, or it will be overwritten at...
TOTOLink N300RH Endpoint Scanner
This Metasploit auxiliary module is a safe scanner designed to detect TOTOLINK N300RH devices by identifying web interface fingerprints. It checks for indicators like TOTOLINK or N300RH in HTTP responses and verifies whether the setWiFiBasicConfig CGI endpoint is accessible...
VS Code Extension Security Scanner
A local security auditing tool that scans installed VS Code, VS Code Insiders, VS Code Server, VS Code OSS, and Cursor extensions for potentially suspicious behaviors. The script enumerates extension directories, parses extension metadata, and flags extensions that automatically execute on startu...
TLS Monitoring – Certificate Baseline Tracking and Risk Scoring System
This is a Python-based TLS monitoring framework that performs certificate collection, baseline tracking, and configuration assessment for remote services. The tool records certificate fingerprints, TLS versions, cipher suites, key sizes, and validity periods, stores historical baselines in SQLite...
TLS Certificate Reuse Analyzer
Python-based TLS auditing utility that connects to multiple remote hosts, retrieves their presented TLS certificates, fingerprints each certificate, and compares those fingerprints to identify certificate reuse across systems. It also records basic TLS metadata such as protocol version, cipher...
Veno File Manager 4.4.9 Logs Export Checker
This is a Metasploit auxiliary module used for security testing of Veno File Manager that checks whether the log export endpoint is accessible without authentication...
VS Code Extension Persistence Installer
This Python3 script acts as a persistence mechanism that creates and installs a custom VS Code extension designed to execute a specified operating system command whenever VS Code starts. The script generates a new extension, configures it to activate automatically, registers it with VS Code, and...
Veno File Manager 4.4.9 Access Control Scanner
This script performs basic checks against Veno File Manager to see if sensitive endpoints are exposed...
Artificial Intelligence As Game Changer in Cybersecurity: What We Learned in 2025-2026, and How This Is Relevant for Africa
In 2025 and 2026, two events settled questions that had until then been speculative. In the first, a large language model executed the great majority of a state-aligned cyber-espionage campaign on its own, with human operators intervening at only a few decision points. In the second, the most...
Joern 4.0.560
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and JavaScript...
DISARM: Target Electronic Device Informed Mitigation of Software Runtime Side-Channel Vulnerabilities
Program runtime or timing attacks exploit variations in a program's execution times to extract sensitive information from the program (e.g. encryption keys, sensitive variable data, intellectual property). State-of-the-art solutions to runtime side-channel attacks attempt to balance the execution...
LLM Agent Safety, Multi-Turn Red-Teaming, Jailbreak Benchmarks, Adversarial Robustness, Safety-Critical Systems
Large language model (LLM) agents are increasingly proposed as supervisory components for safety-critical systems, yet their robustness under sustained, adaptive adversarial pressure remains poorly characterized. We present NRT-Bench, a benchmark for multi-turn red-teaming of LLM agents acting as...
Multi-View Decompilation for LLM-Based Malware Classification
Malware analysts often inspect compiled binaries through decompiled pseudo-C, when source code is unavailable. Recent work suggests that large language models (LLMs) can assist this process by classifying decompiled code as benign or malicious, but existing pipelines typically rely on a single...
GNSS Spoofing Threat for V2X Communications
Global Navigation Satellite Systems (GNSS) constitute a core technology for delivering crucial positioning, navigation, and timing (PNT) services in the Vehicle-to-Everything (V2X) domain, where they are indispensable for generating Cooperative Awareness Messages (CAM) that uphold network reliability and...
D-Link DSL2600U Rule-Based IoT Intrusion Detection System
This is an IoT attack detection script that monitors HTTP request behavior to identify potentially malicious activity against devices such as routers or embedded systems...
Analyzing Defensive Misdirection against Model-Guided Automated Attacks on Agentic AI Systems
Agentic AI systems increasingly rely on language-model components to interpret instructions, process external data, invoke tools, and coordinate with other agents. These capabilities make prompt-injection and jailbreak attacks more consequential, especially as attackers adopt model-guided...
American Fuzzy Lop plus plus 5.01c
Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc...
Unquoted Service Path Detection and Remediation Tool for Windows
This PowerShell script is a comprehensive security auditing tool designed to detect and fix unquoted service path vulnerabilities in Windows services...
Attacking Apple Display Co-Processor
While Apple's GPU architecture has received significant public scrutiny, the Display Co-Processor (DCP) remains a comparatively under-explored component despite its role in several high-profile iOS exploitation chains and jailbreaks. In this presentation, Ye Zhang examines the DCP from an attacker'...
A Layered Security Framework against Prompt Injection in RAG-Based Chatbots
Prompt injection is ranked as the most critical vulnerability in large language model (LLM) deployments by the OWASP Top 10 for LLM Applications, yet existing defenses operate at isolated pipeline stages and remain incomplete. Input filters cannot inspect retrieved documents, while output monitors...
FERRUM Windows Auditor
Ferrum is a Windows security research toolkit for local privilege escalation, persistence, COM hijacking, and attack surface enumeration. It is a Windows-first vulnerability research and security auditing framework written in Go. It is designed as a single binary, ferrum.exe, with modules...
Joern 4.0.559
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and JavaScript...
Google Pixel CPIF Driver Out-Of-Bounds Read / Write
The CPIF driver on Google Pixel has issues in linkreadgnssimage and linkloadgnssimage that lead to kernel out-of-bounds read and write from userland...
PhantomSkill: Malicious Code Injection in Agent Skill Ecosystems
Agent skills allow LLM-based coding agents to acquire domain-specific capabilities from third-party packages, but they also introduce a new supply-chain attack surface. We present PhantomSkill, an attack framework that hides malicious behavior in a skill's auxiliary resources rather than in its...
Discuz! X5.0 Plugin Access Control Checker
This Metasploit module checks whether the enabledisable.php endpoint is accessible without proper authentication in Discuz! X5.0. It does not exploit any vulnerability...
PYPILINE: Malicious PyPI Package Detection Via Suspicious API Knowledge and Agent Workflow
The detection of malicious PyPI packages is crucial for maintaining the security of the open source software supply chain. Existing methods, which primarily rely on rules or traditional machine learning, suffer from poor interpretability and difficulty in adapting to novel attacks. To address thi...
A Predictive Neural Network Architecture for Early Detection of Low-Rate Cyberattacks
Low-Rate Denial of Service (LDoS) attacks pose a significant challenge to IoT networks due to their subtle and prolonged nature, often evading traditional intrusion detection systems. This paper presents IDQS (Intrusion Detection via QoS Prediction), a lightweight and proactive framework for early LD...
Lifecycle-Aware Dynamic Analysis for Secure ML Model Execution
The growing reliance on pre-trained Machine Learning (ML) models has introduced new attack surfaces. Recent vulnerabilities demonstrate that malicious behavior can be embedded within model artifacts, often bypassing existing defenses. Current model-scanning solutions primarily rely on static,...
PUFFERDOS: Efficient and Effective Attack String Generation for Regular Expression Denial of Service Vulnerabilities
ReDoS attacks constitute a critical class of resource-exhaustion vulnerabilities. In such attacks, adversaries exploit the pathological worst-case execution behavior of regular expression (regex) engines to induce highly asymmetric computational workloads, ultimately exhausting system resources and...
OpenAnt: LLM-Powered Vulnerability Discovery through Code Decomposition, Adversarial Verification, and Dynamic Testing
Automated vulnerability discovery in large codebases remains challenging: traditional static analysis produces high false-positive rates, while dynamic approaches such as fuzzing require substantial infrastructure and often target narrow classes of bugs. Recent advances in large language models...
Compute-Budgeted Exploitability Evidence Graphs for Prospective Vulnerability Triage
Defenders cannot patch every newly disclosed vulnerability at once, so exploitability prediction must be evaluated prospectively rather than retrospectively. We study compute-budgeted vulnerability triage in which each CVE is scored only from public evidence visible by a fixed decision time...
Slate Digital Connect 1.37.0 Local Privilege Escalation
Slate Digital Connect for macOS version 1.37.0 suffers from multiple local privilege escalation vulnerabilities...
Wertheim SafeController Hardware for VAULT ROOMS Missing Crypto / Insufficient TLS
Wertheim SafeController Hardware for VAULT ROOMS suffers from a lack of cryptographic protection, insufficient TLS encryption, and an undisclosed vulnerability. Affected versions include the Controller 65000 with AssemblyVersion 6.11.8130.22319 and Controller 5400 with AssemblyVersion...
ARES: A Platform for Adaptive Role-Based Evaluation of Social Engineering Risks in Human–AI Games
This work introduces ARES, a platform and open pilot dataset for auditing adaptive social engineering risks in LLM-mediated social decision-making through controlled social games. ARES supports human–human, human–AI, and AI–AI settings, combining configurable game templates, role-conditioned L...
An AI Security Agent for Banking: Multi-Vector Fraud and AML Detection across Retail and Corporate Accounts
Banks simultaneously face signature-based fraud (card-not-present attacks, account takeover, ATM cloning) and behavioural financial crime (structuring, layering, mule networks, business email compromise) – two threat families with fundamentally different detection requirements. Static rule engines...
SNAS: A Multi-Layer Defense-In-Depth Architecture for Secure Egress in Sandboxed Workloads
Snowpark enables data engineering and AI/ML workloads in Snowflake by executing user-defined functions in secure sandboxes. Many of these workloads require external connectivity to access cloud APIs, external databases, or feature stores, creating a dependability challenge: how to provide...
Is It Real? Exploiting Virtual-Physical Discrimination Vulnerability in Mixed Reality
Consumer mixed reality (MR) headsets seamlessly blend virtual content into physical environments with sufficient fidelity that users may be unable to distinguish virtual objects from physical ones. We identify this virtual-physical discrimination vulnerability as an exploitable security primitive...
Anywhere, Any-Stymie: Remote Activation of Trojan Malware on LiDAR with Modulated Signals
LiDAR sensors are widely deployed in autonomous systems for 3D perception and safety-critical decision-making. We identify a previously unexplored attack surface in which dormant malware embedded in the LiDAR sensing pipeline remains inactive during normal operation and can be externally triggere...
ShellGames: Speculative LLM-Driven SSH Deception
Cyber deception and Moving Target Defense are promising strategies that aim to disrupt adversaries by increasing uncertainty. However, sustaining long-lived, credible interactive sessions with adversaries remains an open challenge. Large Language Models (LLMs) offer a promising path toward more...
Children Are Not the Enemy: Child-Fit Security As an Alternative to Bans and Surveillance
Digital technologies are now central to children's learning, play, communication, identity formation, and social participation. Yet dominant approaches to children's online safety often rely on containment mechanisms, including bans, age gates, parental controls, monitoring, and screen-time...