Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
GitHub

FuncVul: An Effective Function Level Vulnerability Detection Model using LLM and Code Chunk

Software supply chain vulnerabilities arise when attackers exploit weaknesses by injecting vulnerable code into widely used packages or libraries within software repositories. While most existing ...
IEEE

Complexity Reduction in AMP Iterative Detection: A New Approach With Error Function-Aided Mechanism and Convergence-Based Termination

Abstract: Approximate message passing (AMP) iterative detection is recognized as a reliable and practical approach for multiple-input multiple-output (MIMO) systems. However, existing AMP detection ...
GitHub

Open Malicious-Code Benchmark

OMCBench is a benchmark suite for evaluating malicious-code detection capabilities. The benchmark consists of a labeled set of 800 Python and JavaScript packages: 400 benign and 400 malicious packages ...
IEEE

Service Function Chain Anomaly Detection Method for Cyber Threat Detection in Aviation Information System

Abstract: The aviation information system is a large-scale critical national infrastructure that is rapidly evolving towards digitalization and intelligence in response to the growing demand for air ...