Related posts:

1. The Cryptography Trojan: Malicious Go Module Impersonates Foundational Library to Steal Passwords and Deploy Root Backdoors
2. Malicious Packagist Themes Target Vietnamese OphimCMS Sites with Trojanized JS
3. Backdoored React Native Packages Target Developers with Crypto-Stealing Malware

Related posts:

1. Embargo Broken: Public PoC Released for “Dirty Frag” Linux Kernel Exploit Granting Instant Root Access
2. Breaking the Shield: ‘CrackArmor’ Flaws Expose 12.6 Million Linux Servers to Full Root Takeover
3. Root of the Problem: Sudo Flaw Exposes Linux Systems to Local Privilege Escalation

As a maintainer, this is Cilium's take on how we secure our Github Actions in the OSS project. A few highlights:

• SHA pinning every GitHub Action
• Separating trusted vs untrusted code paths in pull_request_target
• Isolating CI credentials from production release credentials
• Cosign signing + SBOM attestations
• Vendoring Go dependencies to make supply chain changes visible in review
• Treating blast radius reduction as the core design principle

and a few gaps:

• no SLSA provenance yet
• remaining mutable u/main references
• no dependency review at PR time
• missing govulncheck integration

Existing benchmarks for LLM-based vulnerability detection compress model performance into a single metric, which fails to reflect the distinct priorities of different stakeholders. For example, a CISO may emphasize high recall of critical vulnerabilities, an engineering leader may prioritize minimizing false positives, and an AI officer may balance capability against cost. To address this limitation, we introduce SecLens-R, a multi-stakeholder evaluation framework structured around 35 shared dimensions grouped into 7 measurement categories. The framework defines five role-specific weighting profiles: CISO, Chief AI Officer, Security Researcher, Head of Engineering, and AI-as-Actor. Each profile selects 12 to 16 dimensions with weights summing to 80, yielding a composite Decision Score between 0 and 100.
We apply SecLens-R to evaluate 12 frontier models on a dataset of 406 tasks derived from 93 open-source projects, covering 10 programming languages and 8 OWASP-aligned vulnerability categories. Evaluations are conducted across two settings: Code-in-Prompt (CIP) and Tool-Use (TU). Results show substantial variation across stakeholder perspectives, with Decision Scores differing by as much as 31 points for the same model. For instance, Qwen3-Coder achieves an A (76.3) under the Head of Engineering profile but a D (45.2) under the CISO profile, while GPT-5.4 shows a similar disparity. These findings demonstrate that vulnerability detection is inherently a multi-objective problem and that stakeholder-aware evaluation provides insights that single aggregated metrics obscure.

Related posts:

1. High-Severity WatchGuard Agent Flaws Grant Full SYSTEM Privileges on Windows
2. Under Attack: Cisco Urges Immediate Action as Hackers Actively Exploit SD-WAN Manager Flaws
3. Unauthenticated Takeover: Critical 9.6 CVSS Zoom Flaw Exposes Windows Users to Remote Privilege Escalation

Related posts:

1. Unmasking Silver Dragon: The Chinese-Nexus APT Haunting Southeast Asia and Europe
2. Gaslighting Android: How the ‘Digital Lutera’ Attack Uses LSPosed to Bypass UPI SIM-Binding
3. The End of the Static Era: Trellix Uncovers Fully Fileless Remcos RAT Campaign

Related posts:

1. The Mutable Tag Trap: Critical 9.4 CVSS Attack on Xygeni GitHub Action Exposes CI/CD Pipelines
2. Waking the Sleepers: The BufferZoneCorp Campaign Poisoning Ruby and Go Ecosystems
3. Hackers Impersonate Stripe.net to Hijack the Global Payment Supply Chain

Related posts:

1. Denial of Service Alert: React Server Components Vulnerability Causes CPU Spikes
2. Django Releases Security Patches to Address DoS and Permission Vulnerabilities
3. Aiohttp Patches Seven Vulnerabilities Including High-Severity DoS Risks

Related posts:

1. Cisco Talos Q2 Report: Phishing & Ransomware Dominate, with Qilin Using Deprecated PowerShell 1.0
2. The Dark Side of Telegram: How Cybercriminals Weaponize Bot APIs for Stealthy Data Exfiltration
3. The Compliance Trap: How a 13,000-Org Phishing Wave Bypasses MFA via AiTM Proxying

Related posts:

1. AI Hype Hijacked: How a Fake Claude Installer Blinds Windows Security
2. Exploited in the Wild: Interlock Ransomware Weaponizes Critical 10.0 CVSS Cisco Zero-Day
3. Copyright Lures and “Fileless” Shadows: Inside the PureLog Stealer Campaign

Related posts:

1. Copy Fail: Public PoC and Full Details Disclosed for the 732-Byte Linux Root Exploit (CVE-2026-31431)
2. Linux Kernel Flaw (CVE-2025-38236): Privilege Escalation Risk, PoC Code Available
3. Splunk Windows Flaws Expose Servers to System Takeover

Related posts:

1. Rancher Flaw Allows Malicious Plugins to Hijack Kubernetes Clusters
2. GitOps Security Breach: Critical 9.6 CVSS Argo CD Flaw Exposes Plaintext Kubernetes Secrets
3. Critical 9.0 CVSS Flaw in ArcadeDB Allows Total Cross-Database Access

Related posts:

1. Critical 9.3 CVSS Flaw in SiYuan Lets Hackers Steal Private Notes via SVG Injection
2. Exploited in the Wild: CISA Warns of Active Attacks on Microsoft SharePoint and Zimbra
3. High-Severity RCE and XSS Vulnerabilities Patched in Apache Storm 2.8.6

Related posts:

1. Exploited in the Wild: Critical PAN-OS Buffer Overflow Grants Root Access to Palo Alto Firewalls
2. CISA Adds Qualcomm and VMware Flaws to Known Exploited Catalog
3. Under Attack: Cisco Urges Immediate Action as Hackers Actively Exploit SD-WAN Manager Flaws