Resources
Explore our contributions to the open-source community and our security vulnerability research/findings.
Open Source Projects
TechniqueRAG: Retrieval Augmented Generation for Adversarial Technique Annotation in Cyber Threat Intelligence Text
Accurately identifying adversarial techniques in security texts is critical for
AZERG STIX Entity and Relationship Extractor
AZERG is a framework for automatically extracting Structured Threat Information Expression
LLMxCPG: Context-Aware Vulnerability Detection Through Code Property Graph-Guided Large Language Models
Software vulnerabilities present a persistent security challenge, with over 25,000
Security Vulnerability Findings
CVE-2025-6170 in libxml2
We discovered a vulnerability in gnome/libxml2 in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does
CVE-2025-6021 in libxml2
We discovered a vulnerability in gnome/libxml2 in xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption
CVE-2025-6491 in php-src
We discovered a vulnerability in php/php-src (the core source code for PHP programming language) if a SoapVar instance is created with a fully qualified name larger than 2G, this will