Research
New papers, new attacks, new defenses.
72 stories
arXiv cs.CR: A UEFI System with SPDM to Protect Against Unauthorized Device Connections
1 min·3 sources·research-arxiv-cs-cr-a-uefi-system-with-spdm-to-protect-again
arXiv cs.CR: Agentic AI and the Industrialization of Cyber Offense: Forecast, Consequences, and Defensive Priorities for Enterprises and the Mittelstand
1 min·3 sources·research-arxiv-cs-cr-agentic-ai-and-the-industrialization-of-
arXiv cs.CR: Evaluating Prompt Injection Defenses for Educational LLM Tutors: Security-Usability-Latency Trade-offs
1 min·3 sources·research-arxiv-cs-cr-evaluating-prompt-injection-defenses-for
arXiv cs.CR: From Specification to Deployment: Empirical Evidence from a W3C VC + DID Trust Infrastructure for Autonomous Agents
1 min·3 sources·research-arxiv-cs-cr-from-specification-to-deployment-empiric
arXiv cs.CR: Language Models Can Autonomously Hack and Self-Replicate
1 min·3 sources·research-arxiv-cs-cr-language-models-can-autonomously-hack-an
arXiv cs.CR: Narrow Secret Loyalty Dodges Black-Box Audits
1 min·3 sources·research-arxiv-cs-cr-narrow-secret-loyalty-dodges-black-box-a
arXiv cs.CR: PAMPOS: Causal Transformer-based Trajectory Prediction for Attack-Agnostic Misbehavior Detection in V2X Networks
1 min·3 sources·research-arxiv-cs-cr-pampos-causal-transformer-based-trajecto
arXiv cs.CR: The Cost of Quantum Resistance: A Hash-Based Commit-Reveal Alternative for Minimizing Blockchain Infrastructure Overhead
1 min·3 sources·research-arxiv-cs-cr-the-cost-of-quantum-resistance-a-hash-ba
arXiv cs.CR: TUANDROMD-X: Advanced Entropy and Visual Analytics Dataset for Enhanced Malware Detection and Classification
1 min·3 sources·research-arxiv-cs-cr-tuandromd-x-advanced-entropy-and-visual-
arXiv cs.CR: When Routine Chats Turn Toxic: Unintended Long-Term State Poisoning in Personalized Agents
1 min·3 sources·research-arxiv-cs-cr-when-routine-chats-turn-toxic-unintended
arXiv cs.CR: A Novel Byte-Level Flow-to-Image Encoding Method for Network Intrusion Detection Systems
1 min·3 sources·research-arxiv-cs-cr-a-novel-byte-level-flow-to-image-encodin
arXiv cs.CR: Differential Privacy in the Extensive-Form Bandit Problem
1 min·3 sources·research-arxiv-cs-cr-differential-privacy-in-the-extensive-fo
arXiv cs.CR: Dynamic Authorization for Knowledge-Base Agents in 6G
1 min·3 sources·research-arxiv-cs-cr-dynamic-authorization-for-knowledge-base
arXiv cs.CR: GLiNER Guard: Unified Encoder Family for Production LLM Safety and Privacy
1 min·3 sources·research-arxiv-cs-cr-gliner-guard-unified-encoder-family-for-
arXiv cs.CR: How Far Are VLMs from Privacy Awareness in the Physical World? An Empirical Study
1 min·3 sources·research-arxiv-cs-cr-how-far-are-vlms-from-privacy-awareness-
arXiv cs.CR: Identifier-Free Code Embedding Models for Scalable Search
1 min·3 sources·research-arxiv-cs-cr-identifier-free-code-embedding-models-fo
arXiv cs.CR: Sealing the Audit-Runtime Gap for LLM Skills
1 min·3 sources·research-arxiv-cs-cr-sealing-the-audit-runtime-gap-for-llm-sk
arXiv cs.CR: SecureMCP: A Policy-Enforced LLM Data Access Framework for AIoT Systems via Model Context Protocol
1 min·3 sources·research-arxiv-cs-cr-securemcp-a-policy-enforced-llm-data-acc
arXiv cs.CR: Securing the Agent: Vendor-Neutral, Multitenant Enterprise Retrieval and Tool Use
1 min·3 sources·research-arxiv-cs-cr-securing-the-agent-vendor-neutral-multit
arXiv cs.CR: Shattering the Echo Chamber: Hidden Safeguards in Manuscripts Against the AI Takeover of Peer Review
1 min·3 sources·research-arxiv-cs-cr-shattering-the-echo-chamber-hidden-safeg
arXiv cs.CR: Assessing Generalisation Capability of Machine Learning Models for Intrusion Detection
1 min·3 sources·research-arxiv-cs-cr-assessing-generalisation-capability-of-m
arXiv cs.CR: Binary Image-Based Intrusion Detection for Operational Technology Networks: Extending the SPHBI Methodology from IoT to Modbus TCP
1 min·3 sources·research-arxiv-cs-cr-binary-image-based-intrusion-detection-f
arXiv cs.CR: Laundering AI Authority with Adversarial Examples
1 min·3 sources·research-arxiv-cs-cr-laundering-ai-authority-with-adversarial
arXiv cs.CR: Lightweight Vulnerability Detection from Code Metrics and Token Features
1 min·3 sources·research-arxiv-cs-cr-lightweight-vulnerability-detection-from
arXiv cs.CR: Membership Inference Attacks for Retrieval Based In-Context Learning for Document Question Answering
1 min·3 sources·research-arxiv-cs-cr-membership-inference-attacks-for-retriev
arXiv cs.CR: Quantum-Resistant Networks: A Review of Primitives, Protocols and Best Practices
1 min·3 sources·research-arxiv-cs-cr-quantum-resistant-networks-a-review-of-p
arXiv cs.CR: Revocation-Ready CP-ABE Key Management for Blockchain-Based IoT Data Sharing
1 min·3 sources·research-arxiv-cs-cr-revocation-ready-cp-abe-key-management-f
arXiv cs.CR: Root-Cause-Driven Automated Vulnerability Repair
1 min·3 sources·research-arxiv-cs-cr-root-cause-driven-automated-vulnerabilit
arXiv cs.CR: Towards a Zero-Trust Supply-Chain Assurance Rubric for ORAN RIC Applications
1 min·3 sources·research-arxiv-cs-cr-towards-a-zero-trust-supply-chain-assura
arXiv cs.CR: Undetectable Backdoors in Model Parameters: Hiding Sparse Secrets in High Dimensions
1 min·3 sources·research-arxiv-cs-cr-undetectable-backdoors-in-model-paramete
arXiv cs.CR: ChaRVoC: A Challenge-Response Voice Cancelable Authentication System
1 min·3 sources·research-arxiv-cs-cr-charvoc-a-challenge-response-voice-cance
arXiv cs.CR: Contrastive Privacy: A Semantic Approach to Measuring Privacy of AI-based Sanitization
1 min·3 sources·research-arxiv-cs-cr-contrastive-privacy-a-semantic-approach-
arXiv cs.CR: Decompose to Understand, Fuse to Detect: Frequency-Decoupled Anomaly Detection for Encrypted Network Traffic
1 min·3 sources·research-arxiv-cs-cr-decompose-to-understand-fuse-to-detect-f
arXiv cs.CR: LiteShield: Hybrid Feature Selection-Driven Lightweight Intrusion Detection for Resource-Constrained IoT Networks
1 min·3 sources·research-arxiv-cs-cr-liteshield-hybrid-feature-selection-driv
arXiv cs.CR: Observability for Post-Quantum TLS Readiness: A Multi-Surface Evidence Framework
1 min·3 sources·research-arxiv-cs-cr-observability-for-post-quantum-tls-readi
arXiv cs.CR: PHANTOM: Polymorphic Honeytoken Adaptation with Narrative-Tailored Organisational Mimicry
1 min·3 sources·research-arxiv-cs-cr-phantom-polymorphic-honeytoken-adaptatio
arXiv cs.CR: Safety in Embodied AI: A Survey of Risks, Attacks, and Defenses
1 min·3 sources·research-arxiv-cs-cr-safety-in-embodied-ai-a-survey-of-risks-
arXiv cs.CR: SoK: After Decades of Web Tracker Detection, What's Next?
1 min·3 sources·research-arxiv-cs-cr-sok-after-decades-of-web-tracker-detecti
arXiv cs.CR: Towards a Risk-Cost Model for Financial Adaptive Authentication
1 min·3 sources·research-arxiv-cs-cr-towards-a-risk-cost-model-for-financial-
arXiv cs.CR: Tracing the Dynamics of Refusal: Exploiting Latent Refusal Trajectories for Robust Jailbreak Detection
1 min·3 sources·research-arxiv-cs-cr-tracing-the-dynamics-of-refusal-exploiti
arXiv cs.CR: A Sentence Relation-Based Approach to Sanitizing Malicious Instructions
1 min·3 sources·research-arxiv-cs-cr-a-sentence-relation-based-approach-to-sa
arXiv cs.CR: Certified Purity for Cognitive Workflow Executors: From Static Analysis to Cryptographic Attestation
1 min·3 sources·research-arxiv-cs-cr-certified-purity-for-cognitive-workflow-
arXiv cs.CR: Composable Post-Quantum Security for FADEC-Coupled Dual-Spool Turbofan Cyber-Physical Systems
1 min·3 sources·research-arxiv-cs-cr-composable-post-quantum-security-for-fad
arXiv cs.CR: E-MIA: Exam-Style Black-Box Membership Inference Attacks against RAG Systems
1 min·3 sources·research-arxiv-cs-cr-e-mia-exam-style-black-box-membership-in
arXiv cs.CR: FLRSP: Privacy-Preserving Federated Learning Using Randomly Selected Model Parameters
1 min·3 sources·research-arxiv-cs-cr-flrsp-privacy-preserving-federated-learn
arXiv cs.CR: LLM Ghostbusters: Surgical Hallucination Suppression via Adaptive Unlearning
1 min·3 sources·research-arxiv-cs-cr-llm-ghostbusters-surgical-hallucination-
arXiv cs.CR: Revisiting Privacy Leakage in Machine Unlearning: Membership Inference Beyond the Forgotten Set
1 min·3 sources·research-arxiv-cs-cr-revisiting-privacy-leakage-in-machine-un
arXiv cs.CR: SRTJ: Self-Evolving Rule-Driven Training-Free LLM Jailbreaking
1 min·3 sources·research-arxiv-cs-cr-srtj-self-evolving-rule-driven-training-
arXiv cs.CR: Trace: Unmasking AI Attack Agents Through Terminal Behavior Fingerprinting
1 min·3 sources·research-arxiv-cs-cr-trace-unmasking-ai-attack-agents-through
arXiv cs.CR: When Embedding-Based Defenses Fail: Rethinking Safety in LLM-Based Multi-Agent Systems
1 min·3 sources·research-arxiv-cs-cr-when-embedding-based-defenses-fail-rethi
arXiv cs.CR: Alignment Contracts for Agentic Security Systems
1 min·3 sources·research-arxiv-cs-cr-alignment-contracts-for-agentic-security
arXiv cs.CR: Ambient Persuasion in a Deployed AI Agent: Unauthorized Escalation Following Routine Non-Adversarial Content Exposure
1 min·3 sources·research-arxiv-cs-cr-ambient-persuasion-in-a-deployed-ai-agen
arXiv cs.CR: Attention Is Where You Attack
1 min·3 sources·research-arxiv-cs-cr-attention-is-where-you-attack
arXiv cs.CR: Compliance-Aware Agentic Payments on Stablecoin Rails
1 min·3 sources·research-arxiv-cs-cr-compliance-aware-agentic-payments-on-sta
arXiv cs.CR: I can't recognize (yet): Delayed Rendering to Defeat Visual Phishing Detectors
1 min·3 sources·research-arxiv-cs-cr-i-can-t-recognize-yet-delayed-rendering-
arXiv cs.CR: Lightweight Tamper-Evident Log Integrity Verification for IoT Edge Environments: A Merkle Tree Pipeline with Adaptive Chunking
1 min·3 sources·research-arxiv-cs-cr-lightweight-tamper-evident-log-integrity
arXiv cs.CR: Selfie-Capture Dynamics as an Auxiliary Signal Against Deepfakes and Injection Attacks for Mobile Identity Verification
1 min·3 sources·research-arxiv-cs-cr-selfie-capture-dynamics-as-an-auxiliary-
arXiv cs.CR: Symbolic Execution Meets Multi-LLM Orchestration: Detecting Memory Vulnerabilities in Incomplete Rust CVE Snippets
1 min·3 sources·research-arxiv-cs-cr-symbolic-execution-meets-multi-llm-orche
arXiv cs.CR: XekRung Technical Report
1 min·3 sources·research-arxiv-cs-cr-xekrung-technical-report
arXiv cs.CR: zkSBOM: Privacy-Preserving SBOM Sharing with Zero-Knowledge Sets
1 min·3 sources·research-arxiv-cs-cr-zksbom-privacy-preserving-sbom-sharing-w
Hacking the Hunters: How TeamPCP Turned Security Tooling Into the Supply Chain Weapon
10 min·0 sources·teampcp-security-toolchain-supply-chain-campaign-kics-trivy-bitwarden
The 48-Hour Supply Chain Siege: Shai-Hulud, TeamPCP, and the Week the Developer Toolchain Became the Kill Chain
11 min·0 sources·shai-hulud-teampcp-48hour-supply-chain-siege
The Trust Ladder: How TeamPCP Climbed From Security Scanners to Password Managers — Six Weeks of Supply Chain Escalation, Post-Mortem
10 min·0 sources·teampcp-checkmarx-trust-ladder-supply-chain-postmortem
The Scanner That Scanned You Back: TeamPCP's Second Checkmarx Breach and the April 2026 Supply Chain Siege
13 min·0 sources·checkmarx-kics-teampcp-security-tools-supply-chain
Project Zero: On the Effectiveness of Mutational Grammar Fuzzing
1 min·3 sources·research-project-zero-on-the-effectiveness-of-mutational-gramm
Project Zero: A Deep Dive into the GetProcessHandleFromHwnd API
1 min·3 sources·research-project-zero-a-deep-dive-into-the-getprocesshandlefro
Project Zero: Bypassing Administrator Protection by Abusing UI Access
1 min·3 sources·research-project-zero-bypassing-administrator-protection-by-ab
Project Zero: Breaking the Sound Barrier, Part II: Exploiting CVE-2024-54529
1 min·3 sources·research-project-zero-breaking-the-sound-barrier-part-ii-explo
Project Zero: Bypassing Windows Administrator Protection
1 min·3 sources·research-project-zero-bypassing-windows-administrator-protecti
Project Zero: A 0-click exploit chain for the Pixel 9 Part 1: Decoding Dolby
1 min·3 sources·research-project-zero-a-0-click-exploit-chain-for-the-pixel-9-
Project Zero: Welcome to the new Project Zero Blog
1 min·3 sources·research-project-zero-welcome-to-the-new-project-zero-blog
Project Zero: Thinking Outside The Box [dusted off draft from 2017]
1 min·3 sources·research-project-zero-thinking-outside-the-box-dusted-off-draf