cyberintel.kalymoon.com · 30796 articles · updated every 4 hours · grows forever
arXiv:2605.23598v1 Announce Type: new Abstract: Short-video platforms like Douyin and Kwai have become central to adolescent digital life, but they also risk exposing teens to algorithmically amplifie…
arXiv:2605.23448v1 Announce Type: new Abstract: This work examines an imbalance in artificial intelligence (AI) security research: the field tends to produce more work on attacking AI systems than on …
arXiv:2605.23330v1 Announce Type: new Abstract: This paper systematically investigates the security, privacy, and ethical risks, as well as the traceability challenges of OpenClaw, a locally executabl…
arXiv:2605.23243v1 Announce Type: new Abstract: We evaluate whether frontier LLMs are ready for cybersecurity through a dual-mode benchmark: white-box function-level vulnerability detection (VulnLLM-R…
arXiv:2605.23196v1 Announce Type: new Abstract: Guardrail models (a.k.a. safety checkers) are widely deployed to screen user inputs before they reach large language models (LLMs), serving as a primary…
arXiv:2605.23175v1 Announce Type: new Abstract: Proprietary large language models (LLMs) face risks of intellectual property (IP) violation, as adversaries can replicate an LLM by collecting input-out…
arXiv:2605.23168v1 Announce Type: new Abstract: When practitioners fine-tune LLMs on unvetted datasets, an adversary can exploit the data supply chain through task-level poisoning: inserting a small n…
arXiv:2605.23158v1 Announce Type: new Abstract: The deployment of large language models (LLMs) on resource-constrained devices remains challenging, spurring interest in split inference, where models a…
arXiv:2605.23096v1 Announce Type: new Abstract: Fully homomorphic encryption (FHE) enables private inference by evaluating neural networks on encrypted data. In this way, we can delegate the computati…
arXiv:2605.23059v1 Announce Type: new Abstract: Internet of Things (IoT) security research continues to face a methodological gap between scalable virtual experimentation and realistic device behaviou…
arXiv:2605.23004v1 Announce Type: new Abstract: Botnets are among the most persistent cyber threats, enabling large-scale attacks such as spam, credential theft, and distributed denial-of-service (DDo…
arXiv:2605.22985v1 Announce Type: new Abstract: The rise of autonomous AI agents and the accelerating velocity of corporate data access are stretching the application-centric model of zero trust secur…
arXiv:2605.22842v1 Announce Type: new Abstract: Multi-agent AI pipelines typically assume that agent misconduct originates from model misalignment. We identify a structural failure in this assumption,…
A vulnerability marked as problematic has been reported in huggingface transformers up to 5.2.x . This vulnerability affects the function AutoModelForCausalLM.from_pretrained of the file config.json .…
A vulnerability described as critical has been identified in WineHQ Wine up to 11.0 . This issue affects some unknown processing of the component MIME Handler . Such manipulation leads to incorrect re…
A vulnerability classified as problematic has been found in SPIP up to 4.4.14 . Impacted is an unknown function of the file action/cookie.php of the component ecrire . Performing a manipulation result…
A vulnerability classified as critical was found in Acer NitrorSense up to 3.01.3052 . The affected element is an unknown function. Executing a manipulation can lead to path traversal. This vulnerabil…
A vulnerability, which was classified as critical , has been found in NEC Platforms Aterm MR51FN and Aterm CM51FD . The impacted element is an unknown function. The manipulation leads to os command in…
A vulnerability, which was classified as problematic , was found in NEC Platforms Aterm WX1800HP, Aterm WX5400HP, Aterm WX7800T8, Aterm WX11000T12, Aterm WX3000HP2, Aterm WX4200D5, Aterm GX621A1, Ater…
A vulnerability has been found in MLflow up to 3.9.x and classified as critical . This impacts an unknown function of the file /mlflow-artifacts/mpu/ of the component Multipart Upload Handler . This m…
Written by: Takahiro Sugiyama, Peter Revelant, Mathew Potaczek Introduction In late 2025, Mandiant responded to a security incident involving a compromised web server running KnowledgeDeliver . Knowle…
Written by: Jamie Collier While Russian-speaking threat actors have historically dominated the phishing-as-a-service (PhaaS) landscape, a rival ecosystem is rapidly growing within the Chinese-language…
New TrapDoor supply chain campaign, an active attack deploying 34 malicious packages and over 384 related versions across npm, PyPI, and Crates.io to steal developer credentials and cryptocurrency wal…