:: Library Catalog

Cover Image

Saved in:

Bibliographic Details
Main Authors:	Liu, Xiting, Liu, Yuetong, Zhang, Yitong, Li, Jia, Hu, Shi-Min
Format:	Preprint
Published:	2026
Subjects:	Software Engineering Cryptography and Security
Online Access:	https://arxiv.org/abs/2602.20717
Tags:	Add Tag No Tags, Be the first to tag this record!

Similar Items

An Empirical Study of Vulnerable Package Dependencies in LLM Repositories
by: Liu, Shuhan, et al.
Published: (2025)

An Analysis of Malicious Packages in Open-Source Software in the Wild
by: Zhou, Xiaoyan, et al.
Published: (2024)

AgentGuard: A Multi-Agent Framework for Robust Package Confusion Detection via Hybrid Search and Metadata-Content Fusion
by: Li, Yu, et al.
Published: (2026)

Zero-Shot Vulnerability Detection in Low-Resource Smart Contracts Through Solidity-Only Training
by: Hu, Minghao, et al.
Published: (2026)

Cutting the Gordian Knot: Detecting Malicious PyPI Packages via a Knowledge-Mining Framework
by: Guo, Wenbo, et al.
Published: (2026)

HighGuard: Cross-Chain Business Logic Monitoring of Smart Contracts
by: Eshghie, Mojtaba, et al.
Published: (2023)

Bridging Expert Reasoning and LLM Detection: A Knowledge-Driven Framework for Malicious Packages
by: Guo, Wenbo, et al.
Published: (2026)

A Large-scale Fine-grained Analysis of Packages in Open-Source Software Ecosystems
by: Zhou, Xiaoyan, et al.
Published: (2024)

Decoding Secret Memorization in Code LLMs Through Token-Level Characterization
by: Nie, Yuqing, et al.
Published: (2024)

A Practical Solution to Systematically Monitor Inconsistencies in SBOM-based Vulnerability Scanners
by: Rosso, Martin, et al.
Published: (2025)

zkCraft: Prompt-Guided LLM as a Zero-Shot Mutation Pattern Oracle for TCCT-Powered ZK Fuzzing
by: Fu, Rong, et al.
Published: (2026)

Tactics, Techniques, and Procedures (TTPs) in Interpreted Malware: A Zero-Shot Generation with Large Language Models
by: Zhang, Ying, et al.
Published: (2024)

Designing Robust API Monitoring Solutions
by: D'Elia, Daniele Cono, et al.
Published: (2020)

Semantic Consensus Decoding: Backdoor Defense for Verilog Code Generation
by: Yang, Guang, et al.
Published: (2026)

Securing the Software Package Supply Chain for Critical Systems
by: Murali, Ritwik, et al.
Published: (2025)

A Static Analysis of Popular C Packages in Linux
by: Ruohonen, Jukka, et al.
Published: (2024)

LLM-enabled Applications Require System-Level Threat Monitoring
by: Zhang, Yedi, et al.
Published: (2026)

We Have a Package for You! A Comprehensive Analysis of Package Hallucinations by Code Generating LLMs
by: Spracklen, Joseph, et al.
Published: (2024)

HALURust: Exploiting Hallucinations of Large Language Models to Detect Vulnerabilities in Rust
by: Luo, Yu, et al.
Published: (2025)

Basic Legibility Protocols Improve Trusted Monitoring
by: Sreevatsa, Ashwin, et al.
Published: (2026)

CHASE: LLM Agents for Dissecting Malicious PyPI Packages
by: Toda, Takaaki, et al.
Published: (2026)

Hackers or Hallucinators? A Comprehensive Analysis of LLM-Based Automated Penetration Testing
by: Peng, Jiaren, et al.
Published: (2026)

Maven-Hijack: Software Supply Chain Attack Exploiting Packaging Order
by: Reyes, Frank, et al.
Published: (2024)

SoK: Towards Reproducibility for Software Packages in Scripting Language Ecosystems
by: Pohl, Timo, et al.
Published: (2025)

PoCGen: Generating Proof-of-Concept Exploits for Vulnerabilities in Npm Packages
by: Simsek, Deniz, et al.
Published: (2025)

Learning to Triage Taint Flows Reported by Dynamic Program Analysis in Node.js Packages
by: Ni, Ronghao, et al.
Published: (2025)

Signing in Four Public Software Package Registries: Quantity, Quality, and Influencing Factors
by: Schorlemmer, Taylor R, et al.
Published: (2024)

The Popularity Hypothesis in Software Security: A Large-Scale Replication with PHP Packages
by: Ruohonen, Jukka, et al.
Published: (2025)

What's in a Package? Getting Visibility Into Dependencies Using Security-Sensitive API Calls
by: Rahman, Imranur, et al.
Published: (2024)

Insecure Ingredients? Exploring Dependency Update Patterns of Bundled JavaScript Packages on the Web
by: Swierzy, Ben, et al.
Published: (2025)

VulInstruct: Teaching LLMs Root-Cause Reasoning for Vulnerability Detection via Security Specifications
by: Zhu, Hao, et al.
Published: (2025)

ConfuGuard: Using Metadata to Detect Active and Stealthy Package Confusion Attacks Accurately and at Scale
by: Jiang, Wenxin, et al.
Published: (2025)

Taint-Style Vulnerability Detection and Confirmation for Node.js Packages Using LLM Agent Reasoning
by: Ni, Ronghao, et al.
Published: (2026)

Killing Two Birds with One Stone: Malicious Package Detection in NPM and PyPI using a Single Model of Malicious Behavior Sequence
by: Zhang, Junan, et al.
Published: (2023)

Mind the Gap: Evaluating LLMs for High-Level Malicious Package Detection vs. Fine-Grained Indicator Identification
by: Ryan, Ahmed, et al.
Published: (2026)

ARGUS: Defending LLM Agents Against Context-Aware Prompt Injection
by: Weng, Shihao, et al.
Published: (2026)

DySec: A Machine Learning-based Dynamic Analysis for Detecting Malicious Packages in PyPI Ecosystem
by: Mehedi, Sk Tanzir, et al.
Published: (2025)

ZTaint-Havoc: From Havoc Mode to Zero-Execution Fuzzing-Driven Taint Inference
by: Xie, Yuchong, et al.
Published: (2025)

Smart Contract Fuzzing Towards Profitable Vulnerabilities
by: Kong, Ziqiao, et al.
Published: (2025)

An Empirical Study of Vulnerabilities in Python Packages and Their Detection
by: Quan, Haowei, et al.
Published: (2025)