6803 matches found
GenAI-Driven Threat Detection with Microsoft Security Copilot
Defending against today's increasingly sophisticated cyberattacks requires security analysts to continuously translate evolving attacker tradecraft into detection logic. This places defenders in a reactive posture, requiring constantly updated expertise across an increasingly fragmented security...
FreeBSD Security Advisory - FreeBSD-SA-26:23.bsdinstall
FreeBSD Security Advisory - When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog1 to prompt the user to select a network. This is implemented using a shell script, and the code which handled network names was not...
Domijn: The Security of Domain Registrars and the Risk of a Domain Name Takeover
Domain names are key assets for organisation. They anchor an organisation's online presence and reputation, and serve as linking pin for web services and, e.g., email. Consequently, a malicious takeover of a domain can lead to significant damages. Organisations register domain names through...
FreeBSD Security Advisory - FreeBSD-SA-26:20.fusefs
FreeBSD Security Advisory - When a fusefs file system implements extended attributes, the kernel may send a FUSELISTXATTR message to the userspace daemon to retrieve the list of extended attributes for a given file. The FUSE protocol requires the daemon to return a packed list of NUL-terminated...
XAI FL-IDS: A Federated Learning and SHAP-Based Explainable Framework for Distributed Intrusion Detection Systems
An Intrusion Detection System IDS is vital in cybersecurity, detecting unauthorized activity across networks. With attacks on network layers increasing, stronger IDSs are needed. Yet most IDSs rely on centralized detection, forcing IoT nodes to ship data to a server, adding overhead and offering ...
Loaded Dice: Solving the Non-Selection Problem for Scalable Probabilistic RowHammer Defense
DRAM scaling has exacerbated the RowHammer vulnerability. To counter this, JEDEC recently introduced Per Row Activation Counting PRAC with the Alert Back-Off protocol as an optional DDR5 feature. While promising, PRAC requires per-row counter cells that incur area overhead, and updating them on...
Suricata IDPE 8.0.5
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and...
A Hybrid Cluster-Based Classification Model for Anomaly Detection in Unbalanced IoT Networks
Detecting anomalies in Internet of Things IoT networks is a critical security challenge, often hampered by highly imbalanced and diverse network traffic datasets. Standard classifiers struggle to perform well across all traffic types. This paper proposes a hybrid detection model to address this...
SCARA: A Semantics-Constrained Autonomous Remediation Agent for Opaque Industrial Software Vulnerabilities
Critical-infrastructure operators are increasingly expected to assess and remediate vulnerabilities in deployed industrial software. However, much of this software exists as opaque industrial software OIS, including stripped firmware, proprietary protocol handlers, and compiled control logic...
Awakening the Hydra: Stabilizing Multi-Concept Backdoor Injection in Text-To-Image Diffusion Models
Text-to-image diffusion models are increasingly developed through open-source reuse and repeated downstream fine-tuning, where reused checkpoints are difficult to verify and thus more susceptible to hidden backdoor behaviors. In such ecosystems, a single pretrained model may be sequentially adapt...
DASM: Domain-Aware Sharpness Minimization for Multi-Domain Voice Stream Steganalysis
The growing use of information hiding in network streaming media for covert communication poses a significant security threat, necessitating the development of robust detection technologies. However, existing steganalysis methods for network voice streams mostly rely on data distributions in...
Detecting Data Exfiltration through I2P Anonymity Networks: A Two-Phase Machine Learning Approach
The Invisible Internet Project I2P provides strong anonymity through garlic routing and distributed network architecture, making it attractive for legitimate privacy needs. Nevertheless, the same properties can be exploited by malicious actors to steal sensitive information from corporate network...
Taking Cryptography out of the Data Path Via Near-Memory Processing in DRAM
Cryptographic algorithms such as AES-128 and SHA-256 are fundamental to ensuring data security and integrity. Although these algorithms are computationally efficient, their performance is often constrained by the processor-centric architectures e.g., CPUs, GPUs, primarily due to the memory...
Hunting Vulnerability Variants in AI Infra: Measurement and Reference-Driven Detection
AI infra has become a shared execution layer for model training, deployment, and agent orchestration. Because many projects reimplement similar model-centric workflows, a vulnerability disclosed in one repository can recur as a variant in another repository with a related design. Yet the prevalen...
Joern 4.0.542
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
Set Shaping Theory As a Complementary Payload-Shaping Layer for Steganography
This paper studies the use of Set Shaping Theory SST as a reversible payload-shaping layer for least significant bit LSB image steganography. The proposal is not intended to replace existing steganographic methods or to compete with them as a new embedding scheme. Instead, SST is positioned as a...
Impacket 0.13.1
Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and, for some protocols e.g. SMB1-3 and MSRPC, the protocol implementation itself. Packets can be constructed from scratch, as well as parse...
Fifty Shades of Darknet
The Invisible Internet Project I2P is a peer-to-peer anonymous overlay network whose architecture includes a structurally distinct sublayer not characterized in existing security literature. We term this sublayer the Exclusive Network: nodes here host operational services and draw on I2P's routin...
Refusal Evaluation in Coding LLMs and Code Agents: A Systematic Review of Thirteen Malicious-Code Prompt Corpora (2023-2025)
The evaluation of large language model refusal on malicious-coding tasks now spans at least thirteen publicly released prompt corpora AdvBench, the CyberSecEval family, RMCBench, RedCode, MCGMark, JailbreakBench, CySecBench, MalwareBench, CIRCLE, MOCHA, ASTRA, Scam2Prompt / Innoc2Scam-bench, and...
SAGE: Scalable Automatic Gating Ensemble for Confident Negative Harvesting in Fraud Detection
Music streaming fraud, where bad actors artificially inflate stream counts to manipulate chart rankings and royalty payments, poses a significant threat to streaming services and legitimate content creators. Traditional fraud detection approaches struggle with a critical challenge: many legitimat...
Apple Security Advisory 05-11-2026-11
Apple Security Advisory 05-11-2026-11 - visionOS 26.5 addresses buffer overflow, bypass, denial of service, information leakage, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities...
Apple Security Advisory 05-11-2026-10
Apple Security Advisory 05-11-2026-10 - watchOS 26.5 addresses buffer overflow, bypass, denial of service, information leakage, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities...
Apple Security Advisory 05-11-2026-1
Apple Security Advisory 05-11-2026-1 - iOS 26.5 and iPadOS 26.5 addresses buffer overflow, bypass, denial of service, information leakage, null pointer, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities...
Apple Security Advisory 05-11-2026-3
Apple Security Advisory 05-11-2026-3 - iPadOS 17.7.11 addresses a failed deletion issue...
Joern 4.0.540
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
Edupage Cross Site Request Forgery / Spoofing
Non-sanitised submission of malicious SVG files on the Edupage portal in combination with cross site request forgery attacks allows the triggering various actions on behalf of other users, e.g. identity spoofing, sending fake messages, giving fake approvals, etc...
Flawfinder 2.0.20
Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function...
Federated Naive Bayes with Real Mixture of Gaussians and Institutional Governance Regularization for Network Intrusion Detection
Federated learning for intrusion detection rests on a flawed premise: that every participating institution contributes equally to the shared model. In practice, a financial institution with mature security controls and low vulnerability exposure produces fundamentally different data than a...
Apple Security Advisory 05-13-2026-1
Apple Security Advisory 05-13-2026-1 - Safari 26.5 addresses use-after-free vulnerabilities...
Backdooring Masked Diffusion Language Models
Masked diffusion language models MDLMs are emerging as a compelling new paradigm for text generation, but their training-time security remains largely unexplored. Existing backdoor attacks on Gaussian diffusion models or autoregressive language models do not directly apply to MDLMs because MDLMs...
Three Heads Are Better Than One: A Multi-Perspective Reasoning Framework for Enhanced Vulnerability Detection
Automated vulnerability detection is crucial for enhancing software security by identifying potential flaws that attackers could exploit, thereby reducing the reliance on labor-intensive manual code audits. Recent advancements have shifted towards leveraging large language models LLMs for...
OX Dovecot Pro / CE Improper Handling / Denial of Service / Bypass
OX Dovecot Pro and Ox Dovecot CE suffer from bypass, denial of service, and insecure handling vulnerabilities. Versions affected vary based on the issue...
Edupage Information Disclosure
Both authenticated and publicly accessible anonymous guest accounts on Edupage portal allow an attacker to capture the complete list of user IDs, names students, parents, and teachers, and the associated banking details IBAN codes...
Bridging the Cybersecurity Gap between Web2 and Web3 - an Incident-Based Analysis of Organizational and Application-Level Security Failures
The rapid adoption of Web3 infrastructures has led to a growing number of security incidents affecting cryptocurrency exchanges, custody services and blockchain-based platforms. While existing research predominantly focuses on vulnerabilities in smart contracts and blockchain protocols, a...
Apple Security Advisory 05-11-2026-9
Apple Security Advisory 05-11-2026-9 - tvOS 26.5 addresses buffer overflow, denial of service, information leakage, null pointer, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities...
Devilray: A Systematic Adversarial Model Revealing Blind Spots in Fake Base Station Detection
Fake Base Station FBS detection has been a critical focus of cellular security research for over two decades. However, significant financial and regulatory barriers to accessing commercial FBS C-FBS devices have limited direct visibility into real-world operations, forcing detection systems to be...
Apple Security Advisory 05-11-2026-5
Apple Security Advisory 05-11-2026-5 - iOS 15.8.8 and iPadOS 15.8.8 addresses a failed deletion issue...
Babel: Jailbreaking Safety Attention Via Obfuscation Distribution Optimized Sampling
Despite rigorous safety alignment, Large Language Models LLMs remain vulnerable to jailbreak attacks. Existing black-box methods often rely on heuristic templates or exhaustive trials, lacking mechanistic interpretability and query efficiency. In this study, we investigate an intrinsic...
nimrm 1.2.0
nimrm is a native WinRM interactive shell client written in Nim. It's designed to be a compact and fast tool for system administration and authorized security testing. Key features include NTLM and Kerberos authentication, in-memory operations, file transfers, OPSEC awareness, and cross platform...
Learning to Look Benign: Targeted Evasion of Malware Detectors Via API Import Injection
Machine learning-based malware detectors are widely deployed in antivirus and endpoint detection systems, yet their reliance on static features makes them vulnerable to adversarial manipulation. This paper investigates whether a malware sample can be intentionally misclassified as a specific beni...
Apple Security Advisory 05-11-2026-4
Apple Security Advisory 05-11-2026-4 - iOS 16.7.16 and iPadOS 16.7.16 addresses a failed deletion issue...
A No-Defense Defense against Gradient-Based Adversarial Attacks on ML-NIDS: Is Less More?
Gradient-based adversarial attacks subtly manipulate inputs of Machine Learning ML models to induce incorrect predictions. This paper investigates whether careful architectural choices alone can yield an inherently robust Deep Neural Network DNN-based Network Intrusion Detection Systems NIDS,...
Be Kind, Rewrite: Benign Projections Via Rewriting Defend against LLM Data Poisoning Attacks
Large language models LLMs are highly susceptible to backdoor attacks BAs, wherein training samples are poisoned using trigger-based harmful content. Furthermore, existing defenses have proven ineffective when extensively tested across BA patterns. To better combat BAs, we explore the use of LLM...
Botan C++ Crypto Algorithms Library 3.12.0
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS 10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to...
From Detection to Response: A Deep Learning and Retrieval-Augmented Generation Framework for Network Intrusion Mitigation
Machine-learning-based Intrusion Detection Systems IDS have achieved impressive accuracy in classifying network attacks, yet they consistently fall short on the question that matters most to a security analyst: what should I do next? This paper presents a unified, end-to-end framework that closes...
Apple Security Advisory 05-11-2026-8
Apple Security Advisory 05-11-2026-8 - macOS Sonoma 14.8.7 addresses buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds write, and use-after-free vulnerabilities...
Agent Security Is a Systems Problem
We take the position that agent security must be approached as a systems problem: the AI model powering the agent must be treated as an untrusted component, and security invariants must be enforced at the system level. Through this lens, efforts to increase model robustness the dominant viewpoint...
Hallucination As Exploit: Evidence-Carrying Multimodal Agents
Multimodal agents use screenshots, documents, and webpages to choose tool calls. When a false visual claim triggers a click, email, extraction, or transfer, hallucination becomes an authorization failure rather than an answer-quality error. We formalize this failure mode as hallucination-to-actio...
Not What You Asked For: Typographic Attacks in Household Robot Manipulation
Open-vocabulary embodied AI agents increasingly rely on vision-language models such as CLIP for object perception and task grounding. However, the shared embedding space that enables this flexibility introduces a structural vulnerability to typographic attacks, where printed text in a physical...
Apple Security Advisory 05-11-2026-2
Apple Security Advisory 05-11-2026-2 - iOS 18.7.9 and iPadOS 18.7.9 addresses buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds write, resource exhaustion, and use-after-free vulnerabilities...