6850 matches found
WordPress RingCentral Communications 1.6.8 Authentication Bypass
WordPress RingCentral Communications plugin versions 1.5 through 1.6.8 have a missing server-side verification that allows for authentication bypass...
PromptSleuth: Detecting Prompt Injection Via Semantic Intent Invariance
Large Language Models LLMs are increasingly integrated into real-world applications, from virtual assistants to autonomous agents. However, their flexibility also introduces new attack vectors-particularly Prompt Injection PI, where adversaries manipulate model behavior through crafted inputs. As...
Human-AI Collaborative Bot Detection in MMORPGs
In Massively Multiplayer Online Role-Playing Games MMORPGs, auto-leveling bots exploit automated programs to level up characters at scale, undermining gameplay balance and fairness. Detecting such bots is challenging, not only because they mimic human behavior, but also because punitive actions...
Ransomware 3.0: Self-Composing and LLM-Orchestrated
Using automated reasoning, code synthesis, and contextual decision-making, we introduce a new threat that exploits large language models LLMs to autonomously plan, adapt, and execute the ransomware attack lifecycle. Ransomware 3.0 represents the first threat model and research prototype of...
AI Agentic Vulnerability Injection and Transformation with Optimized Reasoning
The increasing complexity of software systems and the sophistication of cyber-attacks have underscored the critical need for effective automated vulnerability detection and repair systems. Traditional methods, such as static program analysis, face significant challenges related to scalability,...
Kemp Loadmaster Command Injection
This Python script is designed as a proof of concept PoC to demonstrate an unauthenticated command injection vulnerability in Kemp LoadMaster, identified as CVE-2024-1212...
Measuring Ransomware Lateral Movement Susceptibility Via Privilege-Weighted Adjacency Matrix Exponentiation
Ransomware impact hinges on how easily an intruder can move laterally and spread to the maximum number of assets. We present a graph-theoretic method to measure lateral-movement susceptibility and estimate blast radius. We build a directed multigraph where vertices represent assets and edges...
Multi-Agent Penetration Testing AI for the Web
AI-powered development platforms are making software creation accessible to a broader audience, but this democratization has triggered a scalability crisis in security auditing. With studies showing that up to 40% of AI-generated code contains vulnerabilities, the pace of development now vastly...
Locus: Agentic Predicate Synthesis for Directed Fuzzing
Directed fuzzing aims to find program inputs that lead to specified target program states. It has broad applications, such as debugging system crashes, confirming reported bugs, and generating exploits for potential vulnerabilities. This task is inherently challenging because target states are...
Best Salon Management System 1.0 Cross Site Scripting
Best Salon Management System version 1.0 suffers from a persistent cross site scripting vulnerability...
Microarchitecture Design and Benchmarking of Custom SHA-3 Instruction for RISC-V
Integrating cryptographic accelerators into modern CPU architectures presents unique microarchitectural challenges, particularly when extending instruction sets with complex and multistage operations. Hardware-assisted cryptographic instructions, such as Intel's AES-NI and ARM's custom instructio...
Secure Satellite Communications Via Multiple Aerial RISs: Joint Optimization of Reflection, Association, and Deployment
Satellite communication is envisioned as a key enabler of future 6G networks, yet its wide coverage with high link attenuation poses significant challenges for physical layer security. In this paper, we investigate secure multi-beam, multi-group satellite communications assisted by aerial...
The WASM Cloak: Evaluating Browser Fingerprinting Defenses under WebAssembly Based Obfuscation
Browser fingerprinting defenses have historically focused on detecting JavaScriptJS-based tracking techniques. However, the widespread adoption of WebAssembly WASM introduces a potential blind spot, as adversaries can convert JS to WASM's low-level binary format to obfuscate malicious logic. This...
The Art of Hide and Seek: Making Pickle-Based Model Supply Chain Poisoning Stealthy Again
Pickle deserialization vulnerabilities have persisted throughout Python's history, remaining widely recognized yet unresolved. Due to its ability to transparently save and restore complex objects into byte streams, many AI/ML frameworks continue to adopt pickle as the model serialization protocol...
Zeek 8.0.1
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek ha...
Every Keystroke You Make: a Tech-Law Measurement and Analysis of Event Listeners for Wiretapping
The privacy community has a long track record of investigating emerging types of web tracking techniques. Recent work has focused on compliance of web trackers with new privacy laws such as Europe's GDPR and California's CCPA. Despite the growing body of research documenting widespread lack of...
Surveying the Operational Cybersecurity and Supply Chain Threat Landscape When Developing and Deploying AI Systems
The rise of AI has transformed the software and hardware landscape, enabling powerful capabilities through specialized infrastructures, large-scale data storage, and advanced hardware. However, these innovations introduce unique attack surfaces and objectives which traditional cybersecurity...
Addressing Deepfake Issue in Selfie Banking through Camera Based Authentication
Fake images in selfie banking are increasingly becoming a threat. Previously, it was just Photoshop, but now deep learning technologies enable us to create highly realistic fake identities, which fraudsters exploit to bypass biometric systems such as facial recognition in online banking. This pap...
The Influence of Code Comments on the Perceived Helpfulness of Stack Overflow Posts
Question-and-answer platforms such as Stack Overflow have become an important way for software developers to share and retrieve knowledge. However, reusing poorly understood code can lead to serious problems, such as bugs or security vulnerabilities. To better understand how code comments affect...
FlowMalTrans: Unsupervised Binary Code Translation for Malware Detection Using Flow-Adapter Architecture
Applying deep learning to malware detection has drawn great attention due to its notable performance. With the increasing prevalence of cyberattacks targeting IoT devices, there is a parallel rise in the development of malware across various Instruction Set Architectures ISAs. It is thus importan...
Faraday 5.16.0
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use...
CITADEL: Continual Anomaly Detection for Enhanced Learning in IoT Intrusion Detection
The Internet of Things IoT, with its high degree of interconnectivity and limited computational resources, is particularly vulnerable to a wide range of cyber threats. Intrusion detection systems IDS have been extensively studied to enhance IoT security, and machine learning-based IDS ML-IDS show...
Attackers Strike Back? Not Anymore -- an Ensemble of RL Defenders Awakens for APT Detection
Advanced Persistent Threats APTs represent a growing menace to modern digital infrastructure. Unlike traditional cyberattacks, APTs are stealthy, adaptive, and long-lasting, often bypassing signature-based detection systems. This paper introduces a novel framework for APT detection that unites de...
Towards Quantum Machine Learning for Malicious Code Analysis
Classical machine learning CML has been extensively studied for malware classification. With the emergence of quantum computing, quantum machine learning QML presents a paradigm-shifting opportunity to improve malware detection, though its application in this domain remains largely unexplored. In...
A Technical Review on Comparison and Estimation of Steganographic Tools
Steganography is technique of hiding a data under cover media using different steganography tools. Image steganography is hiding of data Text/Image/Audio/Video under a cover as Image. This review paper presents classification of image steganography and the comparison of various Image steganograph...
FALCON: Autonomous Cyber Threat Intelligence Mining with LLMs for IDS Rule Generation
Signature-based Intrusion Detection Systems IDS detect malicious activities by matching network or host activity against predefined rules. These rules are derived from extensive Cyber Threat Intelligence CTI, which includes attack signatures and behavioral patterns obtained through automated tool...
LLMs in the SOC: an Empirical Study of Human-AI Collaboration in Security Operations Centres
The integration of Large Language Models LLMs into Security Operations Centres SOCs presents a transformative, yet still evolving, opportunity to reduce analyst workload through human-AI collaboration. However, their real-world application in SOCs remains underexplored. To address this gap, we...
SIExVulTS: Sensitive Information Exposure Vulnerability Detection System Using Transformer Models and Static Analysis
Sensitive Information Exposure SIEx vulnerabilities CWE-200 remain a persistent and under-addressed threat across software systems, often leading to serious security breaches. Existing detection tools rarely target the diverse subcategories of CWE-200 or provide context-aware analysis of code-lev...
DRMD: Deep Reinforcement Learning for Malware Detection under Concept Drift
Malware detection in real-world settings must deal with evolving threats, limited labeling budgets, and uncertain predictions. Traditional classifiers, without additional mechanisms, struggle to maintain performance under concept drift in malware domains, as their supervised learning formulation...
Servant, Stalker, Predator: How an Honest, Helpful, and Harmless (3H) Agent Unlocks Adversarial Skills
This paper identifies and analyzes a novel vulnerability class in Model Context Protocol MCP based agent systems. The attack chain describes and demonstrates how benign, individually authorized tasks can be orchestrated to produce harmful emergent behaviors. Through systematic analysis using the...
Formal Verification of Physical Layer Security Protocols for Next-Generation Communication Networks
Formal verification is crucial for ensuring the robustness of security protocols against adversarial attacks. The Needham-Schroeder protocol, a foundational authentication mechanism, has been extensively studied, including its integration with Physical Layer Security PLS techniques such as...
Addressing Weak Authentication like RFID, NFC in EVs and EVCs Using AI-Powered Adaptive Authentication
The rapid expansion of the Electric Vehicles EVs and Electric Vehicle Charging Systems EVCs has introduced new cybersecurity challenges, specifically in authentication protocols that protect vehicles, users, and energy infrastructure. Although widely adopted for convenience, traditional...
CISA: FY 2025 Tribal Cybersecurity Grant Program FAQs
This is the CISA FAQ for the Tribal Cybersecurity Grant Program TCGP which assists eligible Tribal governments addressing cybersecurity risks and threats to their information systems. This is an updated copy...
Tricking LLM-Based NPCs into Spilling Secrets
Large Language Models LLMs are increasingly used to generate dynamic dialogue for game NPCs. However, their integration raises new security concerns. In this study, we examine whether adversarial prompt injection can cause LLM-based NPCs to reveal hidden background secrets that are meant to remai...
Prompt-In-Content Attacks: Exploiting Uploaded Inputs to Hijack LLM Behavior
Large Language Models LLMs are widely deployed in applications that accept user-submitted content, such as uploaded documents or pasted text, for tasks like summarization and question answering. In this paper, we identify a new class of attacks, prompt in content injection, where adversarial...
Nuclei 3.4.10
Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates. It empowers you to design custom vulnerability detection scenarios that mimic real-world conditions, leading to zero false positives...
Aligning Core Aspects: Improving Vulnerability Proof-Of-Concepts Via Cross-Source Insights
For vulnerabilities, Proof-of-Concept PoC plays an irreplaceable role in demonstrating the exploitability. PoC reports may include critical information such as specific usage, test platforms, and more, providing essential insights for researchers. However, in reality, due to various PoC templates...
Collaborative Intelligence: Topic Modelling of Large Language Model Use in Live Cybersecurity Operations
Objective: This work describes the topic modelling of Security Operations Centre SOC use of a large language model LLM, during live security operations. The goal is to better understand how these specialists voluntarily use this tool. Background: Human-automation teams have been extensively...
A.S.E: a Repository-Level Benchmark for Evaluating Security in AI-Generated Code
The increasing adoption of large language models LLMs in software engineering necessitates rigorous security evaluation of their generated code. However, existing benchmarks are inadequate, as they focus on isolated code snippets, employ unstable evaluation methods that lack reproducibility, and...
A Systematic Approach to Predict the Impact of Cybersecurity Vulnerabilities Using LLMs
Vulnerability databases, such as the National Vulnerability Database NVD, offer detailed descriptions of Common Vulnerabilities and Exposures CVEs, but often lack information on their real-world impact, such as the tactics, techniques, and procedures TTPs that adversaries may use to exploit the...
An 8- and 12-Bit Block AES Cipher
Because it is so unusual, or hard to find, or expository, a truly tiny 8- or 12-bit block AES Rijndael cipher is documented here, along with Java source code...
WhatWeb Scanner 0.6.2
WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems CMS, blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different...
Hashcat Advanced Password Recovery 7.1.2 Source Code
Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code...
MalLoc: toward Fine-Grained Android Malicious Payload Localization Via LLMs
The rapid evolution of Android malware poses significant challenges to the maintenance and security of mobile applications apps. Traditional detection techniques often struggle to keep pace with emerging malware variants that employ advanced tactics such as code obfuscation and dynamic behavior...
Training Language Model Agents to Find Vulnerabilities with CTF-Dojo
Large language models LLMs have demonstrated exceptional capabilities when trained within executable runtime environments, notably excelling at software engineering tasks through verified feedback loops. Yet, scalable and generalizable execution-grounded environments remain scarce, limiting...
Cryptographic Challenges: Masking Sensitive Data in Cyber Crimes through ASCII Art
The use of ASCII art as a novel approach to masking sensitive information in cybercrime, focusing on its potential role in protecting personal data during the delivery process and beyond, is presented. By examining the unique properties of ASCII art and its historical context, this study discusse...
$AutoGuardX$: a Comprehensive Cybersecurity Framework for Connected Vehicles
The rapid integration of Internet of Things IoT and interconnected systems in modern vehicles not only introduced a new era of convenience, automation, and connected vehicles but also elevated their exposure to sophisticated cyber threats. This is especially evident in US and Canada, where...
Hashcat Advanced Password Recovery 7.1.2 Binary Release
Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary...
Rethinking Denial-Of-Service: a Conditional Taxonomy Unifying Availability and Sustainability Threats
This paper proposes a unified, condition-based framework for classifying both legacy and cloud-era denial-of-service DoS attacks. The framework comprises three interrelated models: a formal conditional tree taxonomy, a hierarchical lattice structure based on order theory, and a conceptual Venn...
Trust Me, I Know This Function: Hijacking LLM Static Analysis Using Bias
Large Language Models LLMs are increasingly trusted to perform automated code review and static analysis at scale, supporting tasks such as vulnerability detection, summarization, and refactoring. In this paper, we identify and exploit a critical vulnerability in LLM-based code analysis: an...