6746 matches found
Apache .htaccess Persistence
This Metasploit module writes a persistence payload into an Apache .htaccess file using modcgi. The .htaccess file itself acts as a CGI shell, executing commands passed via the query string. Inspired by the htshells project by wireghoul...
IPv6 Extension Header Testing and Network Stress Utility Using Scapy
This Python script combines network validation, protocol behavior testing, and packet-generation capabilities focused on IPv4 and IPv6 traffic analysis using Scapy...
FBI FLASH: Cyber Criminal Group TeamPCP
The Federal Bureau of Investigation FBI is releasing this FLASH to highlight the tactics, techniques, and procedures TTPs and indicators of compromise IOCs associated with the cyber criminal group TeamPCP. TeamPCP actors have conducted large-scale software supply chain compromises by targeting...
Whistleblowersoftware.com Confidentiality Fail
The anonymous reporting flow on whistleblowersoftware.com encrypts report text end-to-end in the browser but does not extend the same guarantee to attachments and exposes the reporter's network identity and timing to a US-based third party. Together these weaken the confidentiality and anonymity...
InnoShop 0.8.2 File Manager Scanner
This Python script is a scanner designed to identify potential exposure of an InnoShop installation and verify access to the File Manager API...
Gardyn IoT Hub Key Disclosure
Gardyn exposes a privileged iothubowner shared-access key. Access to this key allows a malicious user to invoke an Azure IoT Hub Registry Manager function that returns connection information for all Gardyn Home Kit and Studio devices. The same key allows execution of arbitrary commands on a...
Integer Arithmetic Utilities for Image Buffer Sizing and Offset Validation
This C program demonstrates defensive programming techniques for preventing integer overflows during image-processing calculations by implementing reusable safe arithmetic helpers for addition, multiplication, buffer sizing, and offset validation...
Asterisk 22.10.1 Security Release
The Asterisk Development Team would like to announce security release Asterisk 22.10.1. It addresses 20 security issues...
Gardyn IoT Log Disclosure
The Azure Blob Storage container used for Gardyn device logs is publicly listable without authentication. A malicious user can enumerate and read any device log file in the container. Logs were available from approximately May 2020 through disclosure 5+ years...
Apple Security Advisory 06-29-2026-1
Apple Security Advisory 06-29-2026-1 - iOS 26.5.2 and iPadOS 26.5.2 addresses double free, out of bounds access, out of bounds write, and use-after-free vulnerabilities...
Apple Security Advisory 06-29-2026-2
Apple Security Advisory 06-29-2026-2 - macOS Tahoe 26.5.2 addresses double free, out of bounds access, out of bounds write, and use-after-free vulnerabilities...
Apple Security Advisory 06-29-2026-3
Apple Security Advisory 06-29-2026-3 - Safari 26.5.2 addresses out of bounds access, out of bounds write, and use-after-free vulnerabilities...
Certified Asterisk 22.8-cert3 Security Release
The Asterisk Development Team would like to announce security release Certified Asterisk 22.8-cert3. It addresses 20 security issues...
Gardyn IoT Hub Missing Security Headers
Gardyn IoT Hub is missing security headers that help mitigate clickjacking and cross site scripting...
pwnlift Symlink File Write
Symlink following and TOCTOU issues in the pwnlift upload handler allow arbitrary file write as root...
Agentic-SecPBFT: Agentic AI-Driven Proactive Security Framework for Wireless PBFT Consensus in Mobile Ad-Hoc Networks
The standard Practical Byzantine Fault Tolerance PBFT protocol, designed for stable, wired environments, exhibits critical vulnerabilities when deployed in settings like mobile ad-hoc networks, thus making it susceptible to sophisticated threats such as Sybil attacks, Byzantine collusion, and...
Agentic and Generative AI for Open-Source Intelligence and Cyber Investigations: Taxonomy, Evaluation, Challenges, and Future Directions
The rapid growth of publicly available digital information has rendered manual open-source intelligence OSINT analysis insufficient for modern intelligence, cybersecurity, and cyber investigation. Large language models LLMs and agentic AI systems, capable of tool use, multi-step reasoning, and...
ThreatVisionAI: A Hybrid CNN-ViT Framework for Image-Based Malware Classification
Traditional malware detection methods struggle to generalize to obfuscated or previously unseen threats. This paper introduces ThreatVisionAI, a hybrid malware family classification framework that integrates a raw-image CNN, a wavelet-based CNN, and a Vision Transformer ViT to capture complementa...
Overloading Large Vision-Language Models for Jailbreaking
Large Vision-Language Models LVLMs exhibit remarkable vision-language capabilities and are increasingly deployed in real-world applications such as personal assistants, document analysis systems, and embodied agents. However, their dual-modal attack surfaces make them vulnerable to jailbreak...
Enhanced Feature Extraction for IoT Network Intrusion Detection Using GNNs and KAN
Recent advancements in the Internet of Things IoT emphasize the urgent need for advanced network security, as IoT networks feature dynamic topologies, imbalanced traffic, and complex attack patterns. Unlike general IT networks, IoT environments exhibit extreme heterogeneity and sparse topologies...
A Measurement Study on the Adoption of Pledges and Unveils in the OpenBSD Operating System
The paper presents a longitudinal measurement study on the adoption of the pledge and unveil system calls in OpenBSD. These system calls are used to sandbox programs and libraries. Given a dataset covering 19 releases, many programs and libraries were modified to use the system calls already befo...
CONTRA: Red-Teaming Configurations of Personalizable Agents
Recent tools such as OpenClaw have extended the capabilities of LLM-based agents from simple dialog-based systems to fully autonomous agents. These systems allow personalization of the agent through modifiable internal files and the installation of skills. While this enables deployment in a wide...
LLM-Enhanced Hierarchical Heterogeneous Graph Representation Learning for Malicious Python Package Detection
Malicious Python packages have become a major threat to software supply chain ecosystems due to the widespread adoption of open-source repositories such as PyPI. Existing learning-based detection methods struggle to capture the hierarchical organization and heterogeneous interactions among...
Builder, Defender, Breaker: The Case against Removing the Human from the AI-Driven Security Lifecycle
Artificial intelligence has spread across the whole of the security lifecycle. The same family of models now writes application code, hardens it, and probes it for weaknesses, so that a single generative substrate increasingly performs all three roles at once. Enthusiasm for this convergence tend...
Understanding Build Reproducibility in the F-Droid Ecosystem
The security of open source applications benefits considerably from the possibility of rebuilding their source and verifying the output. F-Droid, a prominent distribution for open source Android applications, systematically rebuilds them from source and tests their bitwise reproducibility at app...
Trust Boundary Semantic Gaps: A Multi-Dimensional Analysis and Mitigation for Security-By-Design
Modern systems use format-, protocol-, and signature-based mechanisms before accepting artifacts across trust boundaries. These mechanisms are necessary: they show that an artifact is well formed, protocol-compliant, or properly authenticated. They do not, however, show that the artifact satisfie...
Knowledge over Parameters: Evolving Smart Contract Vulnerability Detection
Smart contract vulnerabilities are predominantly logic bugs whose detection requires structured, step-by-step procedural knowledge of attack patterns and contract semantics. Existing LLM-based methods struggle to generate this knowledge automatically: prompt-based methods rely on manually crafted...
Beyond Gradient-Based Attacks: Adversarial Robustness and Explainability Stability in Cybersecurity Classifiers
Adversarial attacks on cybersecurity classifiers pose a dual threat: degrading predictions and destabilising the SHAP-based explanations that security analysts rely on to understand and triage alerts. We extend our prior MLP conference study to Random Forest and XGBoost across four tabular securi...
Cloak and Detonate: Scanner Evasion and Dynamic Detection of Agent Skill Malware
LLM coding agents increasingly rely on third-party agent skills from public marketplaces, which execute with the agent's privileges and create a software supply-chain attack surface: a malicious skill can steal credentials, exfiltrate source code, or install backdoors. Existing defenses use stati...
Overview of Risk Assessment and Management for Intelligent Systems under the AI Act and Beyond
The society and emerging risk-based regulatory frameworks for AI underscore the need for rigorous risk assessment to ensure safe and reliable AI systems. In response to this imperative, this paper presents an overview of AI risk assessment identification and analysis and management methodologies...
Hacking Measurement-Device-Independent Quantum Key Distribution
The security of practical quantum key distribution QKD systems is fundamentally constrained by vulnerabilities of single-photon detectors. Measurement-device-independent quantum key distribution MDI-QKD was proposed to remove this limitation by allowing all measurements to be performed by a...
GNU Privacy Guard 2.5.21
GnuPG the GNU Privacy Guard or GPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As suc...
Clam AntiVirus Toolkit 1.5.3
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs ar...
Cognitive Firewall: A Proactive, Zero-Trust, Multi-Gate Framework for LLM Safety
Large language models LLMs can be induced to produce harmful content through multi turn strategies in which no single user message appears clearly unsafe. Existing runtime safeguards commonly evaluate prompts or responses as isolated messages, which limits their ability to recover ac-cumulated...
Generative AI and Federated Learning for Intrusion Detection Systems: A Survey
Intrusion Detection Systems IDSs are essential for monitoring network traffic and identifying malicious activities in modern cyber-physical, Internet of Things IoT, enterprise, and distributed network environments. However, developing reliable IDS models remains challenging because attack behavio...
LIB-TRAP: Standard Cell Library Hardware Trojan Risk Assessment and Prevention
Vulnerabilities inherent to the fabless semiconductor manufacturing model have significantly increased the risk of malicious Hardware Trojan HT insertion, posing severe threats to hardware security. Several HT mitigation and detection strategies have been developed, and existing works explore the...
Oracle E-Business Suite 12.2.15 Exposure Checker
This repository contains a safe vulnerability checker for CVE-2026-46817, a critical vulnerability affecting the Oracle Payments File Transmission component of Oracle E-Business Suite versions 12.2.3 through 12.2.15. Unlike an exploit, the script performs a series of HTTP probes against common...
Antaeus: Hunting Repository-Level Logic Vulnerabilities Via Context-Grounded LLM Reasoning
LLM-based vulnerability detectors have shown promising results in identifying memory-safety bugs and vulnerability classes whose violations can often be expressed through established security properties. Logic vulnerabilities, however, pose a different challenge, as their identification requires...
Detecting Adversarial Evasion Attacks against Autoencoder-Based Network Intrusion Detection Systems
Evasion attacks deliberately manipulate input to an ML-based system to produce an incorrect prediction while the manipulated input still appears benign. The PANDA framework has demonstrated that adversarial examples developed for the vision domain can be transferred to the network domain by...
CISA: The Journey to Zero Trust
The Journey to Zero Trust is a series of resources on cybersecurity capabilities and architecture topics in support of organizational adoption of modern zero trust principles. Zero trust, with its core concept of never trust and always verify, is the evolution of previous cybersecurity capabiliti...
VeriChat: An Agentic Conversational AI Assistant for Hardware Security Verification
Hardware security verification is a multi-stage process in which engineers must navigate complex design analyses, threat considerations, and verification strategies. They often need security-focused guidance, yet current verification environments provide little structured support for such...
Cross-Domain Generalization Failure in Lightweight Intrusion Detection Models for IIoT Networks
Lightweight machine learning models are increasingly proposed for intrusion detection in Industrial Internet of Things IIoT networks due to their suitability for resource-constrained edge deployment. Most reported results evaluate these models only within their training network, leaving behavior ...
Joern 4.0.570
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
Toward a Unified Security and Privacy Framework for AI-Native 6G Networks
Sixth Generation 6G communication networks are expected to evolve into AI-native, highly autonomous ecosystems that integrate communication, computing, sensing, and artificial intelligence. While these capabilities enable unprecedented connectivity and intelligent services, they also create a...
The Rise and Fall of Google'S Privacy Sandbox
On October 17th, 2025, Google announced the retirement of most Privacy Sandbox APIs, concluding nearly five years of experimentation with its alternative to privacy-invasive data collection on the Web. Designed to balance privacy with advertising functionality and cross-site tracking, the...
Forensic-Oriented Intrusion Detection Using Synthetic Network Traffic Data and Explainable Artificial Intelligence
Digital forensic investigations of network intrusions require analytical outputs that are traceable, reproducible, and court-defensible - requirements existing machine learning pipelines do not satisfy, since they treat original evidence as training data and produce opaque classifications without...
Rise from the Ashes: LLM-Based Static Analysis for Deep Learning Framework Bugs
Deep learning DL frameworks are critical AI infrastructures that often hide bugs with serious security implications. While dynamic approaches such as fuzzing are effective in uncovering these bugs, they require real test execution and incur high computational costs. Static analysis is a natural...
FreeBSD Security Advisory - FreeBSD-SA-26:48.compat32
FreeBSD Security Advisory - The compat32 kevent handler translates a 64-bit kevent struct into a stack- declared 32-bit struct. It did not first zero the stack struct...
FreeBSD Security Advisory - FreeBSD-SA-26:46.ktls
FreeBSD Security Advisory - When building the iovec array for a received TLS 1.2 CBC record, ktlsocftlscbcdecrypt incremented the iovec index for every mbuf in the chain, including mbufs that were skipped because they contained only TLS header bytes. This left uninitialized entries in the iovec...
FreeBSD Security Advisory - FreeBSD-SA-26:45.audit
FreeBSD Security Advisory - When auditing a system call executed via ptracePTSCREMOTE, the kernel passed the return value of an internal setup function to AUDITSYSCALLEXIT rather than the actual result of the executed system call. As a result, committed audit records for system calls which return...