6825 matches found
DUALGUAGE: Automated Joint Security-Functionality Benchmarking for Secure Code Generation
Large language models LLMs and autonomous coding agents are increasingly used to generate software across a wide range of domains. Yet a core requirement remains unmet: ensuring that generated code is secure without compromising its functional correctness. Existing benchmarks and evaluations for...
Cross-LLM Generalization of Behavioral Backdoor Detection in AI Agent Supply Chains
As AI agents become integral to enterprise workflows, their reliance on shared tool libraries and pre-trained components creates significant supply chain vulnerabilities. While previous work has demonstrated behavioral backdoor detection within individual LLM architectures, the critical question ...
IRSDA: An Agent-Orchestrated Framework for Enterprise Intrusion Response
Modern enterprise systems face escalating cyber threats that are increasingly dynamic, distributed, and multi-stage in nature. Traditional intrusion detection and response systems often rely on static rules and manual workflows, which limit their ability to respond with the speed and precision...
FedPoisonTTP: A Threat Model and Poisoning Attack for Federated Test-Time Personalization
Test-time personalization in federated learning enables models at clients to adjust online to local domain shifts, enhancing robustness and personalization in deployment. Yet, existing federated learning work largely overlooks the security risks that arise when local adaptation occurs at test tim...
Evolution of Cybersecurity Subdisciplines: A Science of Science Study
The science of science is an emerging field that studies the practice of science itself. We present the first study of the cybersecurity discipline from a science of science perspective. We examine the evolution of two comparable interdisciplinary communities in cybersecurity: the Symposium on...
From Reviewers' Lens: Understanding Bug Bounty Report Invalid Reasons with LLMs
Bug bounty platforms e.g., HackerOne, BugCrowd leverage crowd-sourced vulnerability discovery to improve continuous coverage, reduce the cost of discovery, and serve as an integral complement to internal red teams. With the rise of AI-generated bug reports, little work exists to help bug hunters...
Evaluation of Real-Time Mitigation Techniques for Cyber Security in IEC 61850 / IEC 62351 Substations
The digitalization of substations enlarges the cyber-attack surface, necessitating effective detection and mitigation of cyber attacks in digital substations. While machine learning-based intrusion detection has been widely explored, such methods have not demonstrated detection and mitigation...
Zero-Trust Strategies for O-RAN Cellular Networks: Principles, Challenges and Research Directions
Cellular networks have become foundational to modern communication, supporting a broad range of applications, from civilian use to enterprise systems and military tactical networks. The advent of fifth-generation and beyond cellular networks B5G introduces emerging compute capabilities into the...
TASO: Jailbreak LLMs Via Alternative Template and Suffix Optimization
Many recent studies showed that LLMs are vulnerable to jailbreak attacks, where an attacker can perturb the input of an LLM to induce it to generate an output for a harmful question. In general, existing jailbreak techniques either optimize a semantic template intended to induce the LLM to produc...
LLMs As Firmware Experts: A Runtime-Grown Tree-Of-Agents Framework
Large Language Models LLMs and their agent systems have recently demonstrated strong potential in automating code reasoning and vulnerability detection. However, when applied to large-scale firmware, their performance degrades due to the binary nature of firmware, complex dependency structures, a...
Building Browser Agents: Architecture, Security, and Practical Solutions
Browser agents enable autonomous web interaction but face critical reliability and security challenges in production. This paper presents findings from building and operating a production browser agent. The analysis examines where current approaches fail and what prevents safe autonomous operatio...
EBPF-PATROL: Protective Agent for Threat Recognition and Overreach Limitation Using EBPF in Containerized and Virtualized Environments
With the increasing use and adoption of cloud and cloud-native computing, the underlying technologies i.e., containerization and virtualization have become foundational. However, strict isolation and maintaining runtime security in these environments has become increasingly challenging. Existing...
Federated Anomaly Detection and Mitigation for EV Charging Forecasting under Cyberattacks
Electric Vehicle EV charging infrastructure faces escalating cybersecurity threats that can severely compromise operational efficiency and grid stability. Existing forecasting techniques are limited by the lack of combined robust anomaly mitigation solutions and data privacy preservation...
A Novel and Practical Universal Adversarial Perturbations against Deep Reinforcement Learning Based Intrusion Detection Systems
Intrusion Detection Systems IDS play a vital role in defending modern cyber physical systems against increasingly sophisticated cyber threats. Deep Reinforcement Learning-based IDS, have shown promise due to their adaptive and generalization capabilities. However, recent studies reveal their...
Think Fast: Real-Time IoT Intrusion Reasoning Using IDS and LLMs at the Edge Gateway
As the number of connected IoT devices continues to grow, securing these systems against cyber threats remains a major challenge, especially in environments with limited computational and energy resources. This paper presents an edge-centric Intrusion Detection System IDS framework that integrate...
AutoGraphAD: A Novel Approach Using Variational Graph Autoencoders for Anomalous Network Flow Detection
Network Intrusion Detection Systems NIDS are essential tools for detecting network attacks and intrusions. While extensive research has explored the use of supervised Machine Learning for attack detection and characterisation, these methods require accurately labelled datasets, which are very...
Deepfake Geography: Detecting AI-Generated Satellite Images
The rapid advancement of generative models such as StyleGAN2 and Stable Diffusion poses a growing threat to the authenticity of satellite imagery, which is increasingly vital for reliable analysis and decision-making across scientific and security domains. While deepfake detection has been...
Lessons Lost: Incident Response in the Age of Cyber Insurance and Breach Attorneys
Incident Response IR allows victim firms to detect, contain, and recover from security incidents. It should also help the wider community avoid similar attacks in the future. In pursuit of these goals, technical practitioners are increasingly influenced by stakeholders like cyber insurers and...
Steering in the Shadows: Causal Amplification for Activation Space Attacks in Large Language Models
Modern large language models LLMs are typically secured by auditing data, prompts, and refusal policies, while treating the forward pass as an implementation detail. We show that intermediate activations in decoder-only LLMs form a vulnerable attack surface for behavioral control. Building on...
ReVul-CoT: Towards Effective Software Vulnerability Assessment with Retrieval-Augmented Generation and Chain-Of-Thought Prompting
Context: Software Vulnerability Assessment SVA plays a vital role in evaluating and ranking vulnerabilities in software systems to ensure their security and reliability. Objective: Although Large Language Models LLMs have recently shown remarkable potential in SVA, they still face two major...
The Star Product of Uniformly Random Codes
We consider the problem of determining the expected dimension of the star product of two uniformly random linear codes that are not necessarily of the same dimension. We achieve this by establishing a correspondence between the star product and the evaluation of bilinear forms, which we use to...
Beyond Jailbreak: Unveiling Risks in LLM Applications Arising from Blurred Capability Boundaries
LLM applications i.e., LLM apps leverage the powerful capabilities of LLMs to provide users with customized services, revolutionizing traditional application development. While the increasing prevalence of LLM-powered applications provides users with unprecedented convenience, it also brings fort...
ThreadFuzzer: Fuzzing Framework for Thread Protocol
With the rapid growth of IoT, secure and efficient mesh networking has become essential. Thread has emerged as a key protocol, widely used in smart-home and commercial systems, and serving as a core transport layer in the Matter standard. This paper presents ThreadFuzzer, the first dedicated...
StealthCup: Realistic, Multi-Stage, Evasion-Focused CTF for Benchmarking IDS
Intrusion Detection Systems IDS are critical to defending enterprise and industrial control environments, yet evaluating their effectiveness under realistic conditions remains an open challenge. Existing benchmarks rely on synthetic datasets e.g., NSL-KDD, CICIDS2017 or scripted replay frameworks...
The Dark Side of Flexibility: How Aggregated Cyberattacks Threaten the Power Grid
Flexible energy resources are increasingly becoming common in smart grids. These resources are typically managed and controlled by aggregators that coordinate many resources to provide flexibility services. However, these aggregators and flexible energy resources are vulnerable, which could allow...
AudioCodes Fax/IVR Appliance 2.6.23 Scanner
AudioCodes Fax/IVR Appliance version 2.6.23 vulnerability scanning tool that detects instances for identification purposes but does not actively exploit them...
HackOnChat: Unmasking the WhatsApp Hacking Scam
CTM360 has discovered a large-scale malicious campaign targeting WhatsApp users worldwide. This scam is designed to hijack WhatsApp accounts through deceptive phishing schemes that exploit user trust in the WhatsApp brand. Threat actors behind this campaign create fraudulent websites that closely...
Password Strength Analysis through Social Network Data Exposure: A Combined Approach Relying on Data Reconstruction and Generative Models
Although passwords remain the primary defense against unauthorized access, users often tend to use passwords that are easy to remember. This behavior significantly increases security risks, also due to the fact that traditional password strength evaluation methods are often inadequate. In this...
A Comprehensive Study on Cyber Attack Vectors in EV Traction Power Electronics
Electric vehicles EVs have drastically changed the auto industry and developed a new era of technologies where power electronics play the leading role in traction management, energy conversion and vehicle control processes. Nevertheless, this is a digital transformation, and the cyber-attack...
CISA: Suspicious Unmanned Aircraft System Activity Guidance
Suspicious Unmanned Aircraft System Activity Guidance for Critical Infrastructure Owners and Operators is intended for critical infrastructure stakeholders who are concerned with unmanned aircraft system UAS activity near or around their facilities...
Multi-Domain Security for 6G ISAC: Challenges and Opportunities in Transportation
Integrated sensing and communication ISAC will be central to 6G-enabled transportation, providing both seamless connectivity and high-precision sensing. However, this tight integration exposes attack points not encountered in pure sensing and communication systems. In this article, we identify...
Wireshark Analyzer 4.6.1
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. Thi...
GNU Transport Layer Security Library 3.8.11
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS 12, OpenPGP, and other...
Autumn Dragon: China-Nexus APT Group Target South East Asia
This report details Autumn Dragon, a sustained, multi-month espionage campaign against the government, media, and news sectors in several countries including Laos, Cambodia, Singapore, the Philippines and Indonesia...
Future-Back Threat Modeling: A Foresight-Driven Security Framework
Traditional threat modeling remains reactive-focused on known TTPs and past incident data, while threat prediction and forecasting frameworks are often disconnected from operational or architectural artifacts. This creates a fundamental weakness: the most serious cyber threats often do not arise...
RampoNN: A Reachability-Guided System Falsification for Efficient Cyber-Kinetic Vulnerability Detection
Detecting kinetic vulnerabilities in Cyber-Physical Systems CPS, vulnerabilities in control code that can precipitate hazardous physical consequences, is a critical challenge. This task is complicated by the need to analyze the intricate coupling between complex software behavior and the system's...
CISA: Safe Handling Considerations for Downed Unmanned Aircraft Systems
Safe Handling Considerations for Downed Unmanned Aircraft Systems provides information on how to prepare for and respond to downed unmanned aircraft systems UAS that may pose a safety or security concern...
Multi-Faceted Attack: Exposing Cross-Model Vulnerabilities in Defense-Equipped Vision-Language Models
The growing misuse of Vision-Language Models VLMs has led providers to deploy multiple safeguards, including alignment tuning, system prompts, and content moderation. However, the real-world robustness of these defenses against adversarial attacks remains underexplored. We introduce Multi-Faceted...
Systematically Deconstructing APVD Steganography and Its Payload with a Unified Deep Learning Paradigm
In the era of digital communication, steganography allows covert embedding of data within media files. Adaptive Pixel Value Differencing APVD is a steganographic method valued for its high embedding capacity and invisibility, posing challenges for traditional steganalysis. This paper proposes a...
"To Survive, I Must Defect": Jailbreaking LLMs Via the Game-Theory Scenarios
As LLMs become more common, non-expert users can pose risks, prompting extensive research into jailbreak attacks. However, most existing black-box jailbreak attacks rely on hand-crafted heuristics or narrow search spaces, which limit scalability. Compared with prior attacks, we propose Game-Theor...
CISA: Bulletproof Defense: Mitigating Risks from Bulletproof Hosting Providers
CISA, in collaboration with the U.S. National Security Agency, U.S. Department of Defense Cyber Crime Center, U.S. Federal Bureau of Investigation, and international partners, have released the guide Bulletproof Defense: Mitigating Risks from Bulletproof Hosting Providers to help internet service...
Trustworthy GenAI over 6G: Integrated Applications and Security Frameworks
The integration of generative artificial intelligence GenAI into 6G networks promises substantial performance gains while simultaneously exposing novel security vulnerabilities rooted in multimodal data processing and autonomous reasoning. This article presents a unified perspective on cross-doma...
Can MLLMs Detect Phishing? A Comprehensive Security Benchmark Suite Focusing on Dynamic Threats and Multimodal Evaluation in Academic Environments
The rapid proliferation of Multimodal Large Language Models MLLMs has introduced unprecedented security challenges, particularly in phishing detection within academic environments. Academic institutions and researchers are high-value targets, facing dynamic, multilingual, and context-dependent...
TopoReformer: Mitigating Adversarial Attacks Using Topological Purification in OCR Models
Adversarially perturbed images of text can cause sophisticated OCR systems to produce misleading or incorrect transcriptions from seemingly invisible changes to humans. Some of these perturbations even survive physical capture, posing security risks to high-stakes applications such as document...
Hiding in the AI Traffic: Abusing MCP for LLM-Powered Agentic Red Teaming
Generative AI is reshaping offensive cybersecurity by enabling autonomous red team agents that can plan, execute, and adapt during penetration tests. However, existing approaches face trade-offs between generality and specialization, and practical deployments reveal challenges such as...
Small Language Models for Phishing Website Detection: Cost, Performance, and Privacy Trade-Offs
Phishing websites pose a major cybersecurity threat, exploiting unsuspecting users and causing significant financial and organisational harm. Traditional machine learning approaches for phishing detection often require extensive feature engineering, continuous retraining, and costly infrastructur...
Securing AI Agents against Prompt Injection Attacks
Retrieval-augmented generation RAG systems have become widely used for enhancing large language model capabilities, but they introduce significant security vulnerabilities through prompt injection attacks. We present a comprehensive benchmark for evaluating prompt injection risks in RAG-enabled A...
Towards a Formal Verification of Secure Vehicle Software Updates
With the rise of software-defined vehicles SDVs, where software governs most vehicle functions alongside enhanced connectivity, the need for secure software updates has become increasingly critical. Software vulnerabilities can severely impact safety, the economy, and society. In response to this...
ForensicFlow: A Tri-Modal Adaptive Network for Robust Deepfake Detection
Deepfakes generated by advanced GANs and autoencoders severely threaten information integrity and societal stability. Single-stream CNNs fail to capture multi-scale forgery artifacts across spatial, texture, and frequency domains, limiting robustness and generalization. We introduce the...
HyMAD: A Hybrid Multi-Activity Detection Approach for Border Surveillance and Monitoring
Seismic sensing has emerged as a promising solution for border surveillance and monitoring; the seismic sensors that are often buried underground are small and cannot be noticed easily, making them difficult for intruders to detect, avoid, or vandalize. This significantly enhances their...