English
Related papers

Related papers: Large-Scale-Exploit of GitHub Repository Metadata …

200 papers

Large-scale software development has become a highly collaborative and geographically distributed endeavour, especially in open-source software development ecosystems and their associated developer communities. It has given rise to modern…

Software Engineering · Computer Science 2023-05-18 Mairieli Wessel , Tom Mens , Alexandre Decan , Pooya Rostami Mazrae

Recent years have witnessed the emerging trend of extensions in modern Integrated Development Environments (IDEs) like Visual Studio Code (VSCode) that significantly enhance developer productivity. Especially, popular AI coding assistants…

Cryptography and Security · Computer Science 2024-12-30 Yue Liu , Chakkrit Tantithamthavorn , Li Li

The exposure of location data constitutes a significant privacy risk to users as it can lead to de-anonymization, the inference of sensitive information, and even physical threats. In this paper we present LPAuditor, a tool that conducts a…

Computers and Society · Computer Science 2019-01-07 Kostas Drakonakis , Panagiotis Ilia , Sotiris Ioannidis , Jason Polakis

GitHub hosts hundreds of millions of code repositories written in hundreds of different programming languages. In addition to its hosting services, GitHub provides data and insights into code, such as vulnerability analysis and code…

Software Engineering · Computer Science 2022-06-22 Patrick Thomson , Rob Rix , Nicolas Wu , Tom Schrijvers

GitHub is the most widely used platform for software maintenance in the open-source community. Developers report issues on GitHub from time to time while facing difficulties. Having labels on those issues can help developers easily address…

Software Engineering · Computer Science 2025-07-28 Amir Hossain Raaj , Fairuz Nawer Meem , Sadia Afrin Mim

It is commonplace to produce application-specific models by fine-tuning large pre-trained models using a small bespoke dataset. The widespread availability of foundation model checkpoints on the web poses considerable risks, including the…

Cryptography and Security · Computer Science 2024-04-02 Yuxin Wen , Leo Marchyok , Sanghyun Hong , Jonas Geiping , Tom Goldstein , Nicholas Carlini

We conduct a large-scale measurement of developers' insecure practices leading to mini-app to super-app authentication bypass, among which hard-coding developer secrets for such authentication is a major contributor. We also analyze the…

Cryptography and Security · Computer Science 2023-07-19 Supraja Baskaran , Lianying Zhao , Mohammad Mannan , Amr Youssef

In today's digital landscape, the importance of timely and accurate vulnerability detection has significantly increased. This paper presents a novel approach that leverages transformer-based models and machine learning techniques to…

Software Engineering · Computer Science 2025-01-10 Daniele Cipollone , Changjie Wang , Mariano Scazzariello , Simone Ferlin , Maliheh Izadi , Dejan Kostic , Marco Chiesa

Open-Source Projects and Libraries are being used in software development while also bearing multiple security vulnerabilities. This use of third party ecosystem creates a new kind of attack surface for a product in development. An…

Software Engineering · Computer Science 2018-08-15 Lorenzo Neil , Sudip Mittal , Anupam Joshi

Recent studies have shown that a significant number of mobile applications, often handling sensitive data such as bank accounts and login credentials, suffers from SSL vulnerabilities. Most of the time, these vulnerabilities are due to…

Cryptography and Security · Computer Science 2013-07-01 Mauro Conti , Nicola Dragoni , Sebastiano Gottardo

Knowledge files have been widely used in large language model (LLM) agents, such as GPTs, to improve response quality. However, concerns about the potential leakage of knowledge files have grown significantly. Existing studies demonstrate…

Cryptography and Security · Computer Science 2025-06-03 Xinyue Shen , Yun Shen , Michael Backes , Yang Zhang

Test code is indispensable in software development, ensuring the correctness of production code and supporting maintainability. Nonetheless, errors or omissions in the test code can conceal production defects. While code review is widely…

Software Engineering · Computer Science 2026-03-18 Hui Sun , Yinan Wu , Wesley K. G. Assunção , Kathryn T. Stolee

Attacks on information systems followed by intrusions may cause large revenue losses. The prevention of both is not always possible by just considering information from isolated sources of the network. A global view of the whole system is…

Cryptography and Security · Computer Science 2008-02-27 Joaquin Garcia-Alfaro , Michael A. Jaeger , Gero Muehl , Joan Borrell

In the digital era, accidental exposure of sensitive information such as API keys, tokens, and credentials is a growing security threat. While most prior work focuses on detecting secrets in source code, leakage in software issue reports…

Software Engineering · Computer Science 2026-04-17 Sadif Ahmed , Md Nafiu Rahman , Zahin Wahab , Gias Uddin , Rifat Shahriyar

Existing end-to-end-encrypted (E2EE) email systems, mainly PGP, have long been evaluated in controlled lab settings. While these studies have exposed usability obstacles for the average user and offer design improvements, there exist users…

Cryptography and Security · Computer Science 2021-04-12 Glencora Borradaile , Kelsy Kretschmer , Michele Gretes , Alexandria LeClerc

Gemini is increasingly used to perform tasks on behalf of users, where function-calling and tool-use capabilities enable the model to access user data. Some tools, however, require access to untrusted data introducing risk. Adversaries can…

Mobile devices have access to personal, potentially sensitive data, and there is a large number of mobile applications and third-party libraries that transmit this information over the network to remote servers (including app developer…

Cryptography and Security · Computer Science 2022-06-07 Evita Bakopoulou , Anastasia Shuba , Athina Markopoulou

A large number of URLs are made public by various platforms for security analysis, archiving, and paste sharing -- such as VirusTotal, URLScan.io, Hybrid Analysis, the Wayback Machine, and RedHunt. These services may unintentionally expose…

Cryptography and Security · Computer Science 2026-02-26 Tarek Ramadan , AbdelRahman Abdou , Mohammad Mannan , Amr Youssef

Mobile communication systems now constitute an essential part of life throughout the world. Fourth generation "Long Term Evolution" (LTE) mobile communication networks are being deployed. The LTE suite of specifications is considered to be…

Cryptography and Security · Computer Science 2017-08-08 Altaf Shaik , Ravishankar Borgaonkar , N. Asokan , Valtteri Niemi , Jean-Pierre Seifert

Outdated documentation is a pervasive problem in software development, preventing effective use of software, and misleading users and developers alike. We posit that one possible reason why documentation becomes out of sync so easily is…

Software Engineering · Computer Science 2022-12-06 Wen Siang Tan , Markus Wagner , Christoph Treude
‹ Prev 1 4 5 6 7 8 10 Next ›