6825 matches found
Multimodal Prompt Injection Attacks: Risks and Defenses for Modern LLMs
Large Language Models LLMs have seen rapid adoption in recent years, with industries increasingly relying on them to maintain a competitive advantage. These models excel at interpreting user instructions and generating human-like responses, leading to their integration across diverse domains,...
FuzzBox: Blending Fuzzing into Emulation for Binary-Only Embedded Targets
Coverage-guided fuzzing has been widely applied to address zero-day vulnerabilities in general-purpose software and operating systems. This approach relies on instrumenting the target code at compile time. However, applying it to industrial systems remains challenging, due to proprietary and...
EchoLeak: the First Real-World Zero-Click Prompt Injection Exploit in a Production LLM System
Large language model LLM assistants are increasingly integrated into enterprise workflows, raising new security concerns as they bridge internal and external data sources. This paper presents an in-depth case study of EchoLeak CVE-2025-32711, a zero-click prompt injection vulnerability in Microso...
Wrangling Entropy: Next-Generation Multi-Factor Key Derivation, Credential Hashing, and Credential Generation Functions
The Multi-Factor Key Derivation Function MFKDF offered a novel solution to the classic problem of usable client-side key management by incorporating multiple popular authentication factors into a key derivation process, but was later shown to be vulnerable to cryptanalysis that degraded its...
Decoding Latent Attack Surfaces in LLMs: Prompt Injection Via HTML in Web Summarization
Large Language Models LLMs are increasingly integrated into web-based systems for content summarization, yet their susceptibility to prompt injection attacks remains a pressing concern. In this study, we explore how non-visible HTML elements such as , aria-label, and alt attributes can be exploit...
Jamming Smarter, Not Harder: Exploiting O-RAN Y1 RAN Analytics for Efficient Interference
The Y1 interface in O-RAN enables the sharing of RAN Analytics Information RAI between the near-RT RIC and authorized Y1 consumers, which may be internal applications within the operator's trusted domain or external systems accessing data through a secure exposure function. While this visibility...
Mind the Gap: Evaluating Model- and Agentic-Level Vulnerabilities in LLMs with Action Graphs
As large language models transition to agentic systems, current safety evaluation frameworks face critical gaps in assessing deployment-specific risks. We introduce AgentSeer, an observability-based evaluation framework that decomposes agentic executions into granular action and component graphs,...
Cryptographic Application of Elliptic Curve with High Rank
Elliptic curve cryptography is better than traditional cryptography based on RSA and discrete logarithm of finite field in terms of efficiency and security. In this paper, we show how to exploit elliptic curve with high rank, which has not been used in cryptography before, to construct...
FuzzRDUCC: Fuzzing with Reconstructed Def-Use Chain Coverage
Binary-only fuzzing often struggles with achieving thorough code coverage and uncovering hidden vulnerabilities due to limited insight into a program's internal dataflows. Traditional grey-box fuzzers guide test case generation primarily using control flow edge coverage, which can overlook bugs n...
A Transformer-BiGRU-Based Framework with Data Augmentation and Confident Learning for Network Intrusion Detection
In today's fast-paced digital communication, the surge in network traffic data and frequency demands robust and precise network intrusion solutions. Conventional machine learning methods struggle to grapple with complex patterns within the vast network intrusion datasets, which suffer from data...
Where Have All the Firewalls Gone? Security Consequences of Residential IPv6 Transition
IPv4 NAT has limited the spread of IoT botnets considerably by default-denying bots' incoming connection requests to in-home devices unless the owner has explicitly allowed them. As the Internet transitions to majority IPv6, however, residential connections no longer require the use of NAT. This...
Wapiti Web Application Vulnerability Scanner 3.2.5
Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities. This is the binary release...
A Kolmogorov-Arnold Network for Interpretable Cyberattack Detection in AGC Systems
Automatic Generation Control AGC is essential for power grid stability but remains vulnerable to stealthy cyberattacks, such as False Data Injection Attacks FDIAs, which can disturb the system's stability while evading traditional detection methods. Unlike previous works that relied on blackbox...
Behind the Mask: Benchmarking Camouflaged Jailbreaks in Large Language Models
Large Language Models LLMs are increasingly vulnerable to a sophisticated form of adversarial prompting known as camouflaged jailbreaking. This method embeds malicious intent within seemingly benign language to evade existing safety mechanisms. Unlike overt attacks, these subtle prompts exploit...
Bi-Level Game-Theoretic Planning of Cyber Deception for Cognitive Arbitrage
Cognitive vulnerabilities shape human decision-making and arise primarily from two sources: 1 cognitive capabilities, which include disparities in knowledge, education, expertise, or access to information, and 2 cognitive biases, such as rational inattention, confirmation bias, and base rate...
What Is Cybersecurity in Space?
Satellites, drones, and 5G space links now support critical services such as air traffic, finance, and weather. Yet most were not built to resist modern cyber threats. Ground stations can be breached, GPS jammed, and supply chains compromised, while no shared list of vulnerabilities or safe testi...
Wapiti Web Application Vulnerability Scanner 3.2.5 Source Code
Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities. This is the source code release...
From Protest to Power Plant: Interpreting the Role of Escalatory Hacktivism in Cyber Conflict
Since 2022, hacktivist groups have escalated their tactics, expanding from distributed denial-of-service attacks and document leaks to include targeting operational technology OT. By 2024, attacks on the OT of critical national infrastructure CNI had been linked to partisan hacktivist efforts in...
ICSLure: a Very High Interaction Honeynet for PLC-Based Industrial Control Systems
The security of Industrial Control Systems ICSs is critical to ensuring the safety of industrial processes and personnel. The rapid adoption of Industrial Internet of Things IIoT technologies has expanded system functionality but also increased the attack surface, exposing ICSs to a growing range...
NeuroBreak: Unveil Internal Jailbreak Mechanisms in Large Language Models
In deployment and application, large language models LLMs typically undergo safety alignment to prevent illegal and unethical outputs. However, the continuous advancement of jailbreak attack techniques, designed to bypass safety mechanisms with adversarial prompts, has placed increasing pressure ...
ECCFROG522PP: an Enhanced 522-Bit Weierstrass Elliptic Curve
Whilst many key exchange and digital signature systems still rely on NIST P-256 secp256r1 and secp256k1, offering around 128-bit security, there is an increasing demand for transparent and reproducible curves at the 256-bit security level. Standard higher-security options include NIST P-521,...
Breaking to Build: a Threat Model of Prompt-Based Attacks for Securing LLMs
The proliferation of Large Language Models LLMs has introduced critical security challenges, where adversarial actors can manipulate input prompts to cause significant harm and circumvent safety alignments. These prompt-based attacks exploit vulnerabilities in a model's design, training, and...
False Sense of Security: Why Probing-Based Malicious Input Detection Fails to Generalize
Large Language Models LLMs can comply with harmful instructions, raising serious safety concerns despite their impressive capabilities. Recent work has leveraged probing-based approaches to study the separability of malicious and benign inputs in LLMs' internal representations, and researchers ha...
Efficient QKD in Non-Ideal Scenarios with User-Defined Output Length Requirements
Quantum Key Distribution QKD enables two parties to securely share encryption keys by leveraging the principles of quantum mechanics, offering protection against eavesdropping. In practical implementations, QKD systems often rely on a layered architecture where a key manager stores secret key...
Constructing a Photonic Implementation of Quantum Key Distribution
Quantum Key Distribution QKD stands as a revolutionary approach to secure communication, using the principles of quantum mechanics to establish unbreakable channels. Unlike traditional cryptography, which relies on the computational difficulty of mathematical problems, QKD utilizes the inherent...
Systematic Timing Leakage Analysis of NIST PQDSS Candidates: Tooling and Lessons Learned
The PQDSS standardization process requires cryptographic primitives to be free from vulnerabilities, including timing and cache side-channels. Resistance to timing leakage is therefore an essential property, and achieving this typically relies on software implementations that follow constant-time...
An Empirical Study of Vulnerabilities in Python Packages and Their Detection
In the rapidly evolving software development landscape, Python stands out for its simplicity, versatility, and extensive ecosystem. Python packages, as units of organization, reusability, and distribution, have become a pressing concern, highlighted by the considerable number of vulnerability...
A Framework for Detection and Classification of Attacks on Surveillance Cameras under IoT Networks
The increasing use of Internet of Things IoT devices has led to a rise in security related concerns regarding IoT Networks. The surveillance cameras in IoT networks are vulnerable to security threats such as brute force and zero-day attacks which can lead to unauthorized access by hackers and...
Between a Rock and a Hard Place: Exploiting Ethical Reasoning to Jailbreak LLMs
Large language models LLMs have undergone safety alignment efforts to mitigate harmful outputs. However, as LLMs become more sophisticated in reasoning, their intelligence may introduce new security risks. While traditional jailbreak attacks relied on singlestep attacks, multi-turn jailbreak...
KubeGuard: LLM-Assisted Kubernetes Hardening Via Configuration Files and Runtime Logs Analysis
The widespread adoption of Kubernetes K8s for orchestrating cloud-native applications has introduced significant security challenges, such as misconfigured resources and overly permissive configurations. Failing to address these issues can result in unauthorized access, privilege escalation, and...
VulRTex: a Reasoning-Guided Approach to Identify Vulnerabilities from Rich-Text Issue Report
Software vulnerabilities exist in open-source software OSS, and the developers who discover these vulnerabilities may submit issue reports IRs to describe their details. Security practitioners need to spend a lot of time manually identifying vulnerability-related IRs from the community, and the...
ShieldMMU: Detecting and Defending against Controlled-Channel Attacks in Shielding Memory System
Intel SGX and hypervisors isolate non-privileged programs from other software, ensuring confidentiality and integrity. However, side-channel attacks continue to threaten Intel SGX's security, enabling malicious OS to manipulate PTE present bits, induce page faults, and steal memory access traces...
Quantum AI Algorithm Development for Enhanced Cybersecurity: a Hybrid Approach to Malware Detection
This study explores the application of quantum machine learning QML algorithms to enhance cybersecurity threat detection, particularly in the classification of malware and intrusion detection within high-dimensional datasets. Classical machine learning approaches encounter limitations when dealin...
SREC: Encrypted Semantic Super-Resolution Enhanced Communication
Semantic communication SemCom, as a typical paradigm of deep integration between artificial intelligence AI and communication technology, significantly improves communication efficiency and resource utilization efficiency. However, the security issues of SemCom are becoming increasingly prominent...
Adversarial Bug Reports As a Security Risk in Language Model-Based Automated Program Repair
Large Language Model LLM - based Automated Program Repair APR systems are increasingly integrated into modern software development workflows, offering automated patches in response to natural language bug reports. However, this reliance on untrusted user input introduces a novel and underexplored...
Revisiting Third-Party Library Detection: a Ground Truth Dataset and Its Implications across Security Tasks
Accurate detection of third-party libraries TPLs is fundamental to Android security, supporting vulnerability tracking, malware detection, and supply chain auditing. Despite many proposed tools, their real-world effectiveness remains unclear.We present the first large-scale empirical study of ten...
Evaluating Diverse Feature Extraction Techniques of Multifaceted IoT Malware Analysis: a Survey
As IoT devices continue to proliferate, their reliability is increasingly constrained by security concerns. In response, researchers have developed diverse malware analysis techniques to detect and classify IoT malware. These techniques typically rely on extracting features at different levels fr...
Hydra Network Logon Cracker 9.6
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus...
VulnRepairEval: an Exploit-Based Evaluation Framework for Assessing Large Language Model Vulnerability Repair Capabilities
The adoption of Large Language Models LLMs for automated software vulnerability patching has shown promising outcomes on carefully curated evaluation sets. Nevertheless, existing datasets predominantly rely on superficial validation methods rather than exploit-based verification, leading to...
Evaluating Security Properties in the Execution of Quantum Circuits
Quantum computing is a disruptive technology that is expected to offer significant advantages in many critical fields e.g. drug discovery and cryptography. The security of information processed by such machines is therefore paramount. Currently, modest Noisy Intermediate-Scale Quantum NISQ device...
Jump over ASLR - Branch Predictors
This project demonstrates applied research in C that illustrates concepts related to branch predictors, speculative execution, and cache-based side channels in the context of Address Space Layout Randomization ASLR...
CISA: a Shared Vision of Software Bill of Materials (SBOM) for Cybersecurity
CISA and the National Security Agency NSA in collaboration with 19 international cybersecurity organizations, have released joint guidance outlining a shared global vision of Software Bill of Materials SBOM. This milestone reflects a growing international consensus on the importance of software...
BIDO: a Unified Approach to Address Obfuscation and Concept Drift Challenges in Image-Based Malware Detection
To identify malicious Android applications, various malware detection techniques have been proposed. Among them, image-based approaches are considered potential alternatives due to their efficiency and scalability. Recent studies have reported that these approaches suffer significant performance...
A Quantum Genetic Algorithm-Enhanced Self-Supervised Intrusion Detection System for Wireless Sensor Networks in the Internet of Things
The rapid expansion of the Internet of Things IoT and Wireless Sensor Networks WSNs has significantly increased the attack surface of such systems, making them vulnerable to a wide range of cyber threats. Traditional Intrusion Detection Systems IDS often fail to meet the stringent requirements of...
Raspberry Pi Pico As a Radio Transmitter
In this paper we discuss several surprisingly simple methods for transforming the Raspberry Pi Pico RP2 microcontroller into a radio transmitter, by using only cheap off the shelf electronic components, and open source software. While initially this transformation may look as a harmless curiosity...
Performance Analysis of Common Browser Extensions for Cryptojacking Detection
This paper considers five extensions for Chromium-based browsers in order to determine how effective can browser-based defenses against cryptojacking available to regular users be. We've examined most popular extensions - MinerBlock, AdGuard AdBlocker, Easy Redirect && Prevent Cryptojacking,...
GPS Spoofing Attacks on Automated Frequency Coordination System in Wi-Fi 6E and Beyond
The 6 GHz spectrum, recently opened for unlicensed use under Wi-Fi 6E and Wi-Fi 7, overlaps with frequencies used by mission-critical incumbent systems such as public safety communications and utility infrastructure. To prevent interference, the FCC mandates the use of Automated Frequency...
From Attack Descriptions to Vulnerabilities: a Sentence Transformer-Based Approach
In the domain of security, vulnerabilities frequently remain undetected even after their exploitation. In this work, vulnerabilities refer to publicly disclosed flaws documented in Common Vulnerabilities and Exposures CVE reports. Establishing a connection between attacks and vulnerabilities is...
Passwords and FIDO2 Are Meant to Be Secret: a Practical Secure Authentication Channel for Web Browsers
Password managers provide significant security benefits to users. However, malicious client-side scripts and browser extensions can steal passwords after the manager has autofilled them into the web page. In this paper, we extend prior work by Stock and Johns, showing how password autofill can be...
LogGuardQ: a Cognitive-Enhanced Reinforcement Learning Framework for Cybersecurity Anomaly Detection in Security Logs
Reinforcement learning RL has transformed sequential decision-making, but traditional algorithms like Deep Q-Networks DQNs and Proximal Policy Optimization PPO often struggle with efficient exploration, stability, and adaptability in dynamic environments. This study presents LogGuardQ Adaptive Lo...