DICOM, Pydicom, GDCM, and Orthanc: A technical tour of what really happens in the heap
Over the last decade, DICOM parsing has become an active research topic. The reason is simple: DICOM is both critical and complicated. Hospitals rely on DICOM-based PACS systems, and those systems often automatically ingest files received over the network. That means malformed data could directly...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/efa: Fixed the issue of using the completion context after it was freed. Regarding the handling of admin queue completion, if the admin command completes with an error, we print data from the completion context. The issue...
Foxconn Ransomware Attack Shows Nothing Is Safe Forever
Famous for helping build Apple’s iPhones, Foxconn just suffered another cyberattack, highlighting the perils of warehousing some of the world’s most valuable data...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006667)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006667 advisory. In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix the svc_deferred_event trace class Fix a NULL deref crash that occurs when an svc_rqst i...
n8n has SQL Injection in Data Table Node via orderByColumn Expression
Impact An authenticated user with permission to create or modify workflows could exploit a SQL injection vulnerability in the Data Table Get node. On default SQLite DB, single statements can be manipulated and the attack surface is practically limited. On PostgreSQL deployments, multi-statement...
Maintaining Security and Protecting Smart Home Devices from Hackers
Learn how to protect smart home devices from hackers. Strong passwords, updates and secure networks help keep cameras, sensors and data safe...
AI Meeting Assistants Are Rising – But Is Your Data Safe? A Deep Look at TicNote AI
AI meeting assistants have become essential tools for professionals who want fast, accurate, and automated transcription. Yet behind…...
How to keep your data safe when transferring large files
As more of our communication and work move online, keeping large file transfers secure has become a serious…...
EUVD-2022-26998
Malicious code in bioql PyPI...
EUVD-2025-21092
Malicious code in bioql PyPI...
EUVD-2024-53811
Malicious code in bioql PyPI...
EUVD-2025-6512
Malicious code in bioql PyPI...
EUVD-2025-8454
Malicious code in bioql PyPI...
Aeroflot Hacked
Looks serious...
CVE-2025-53471
Emerson ValveLink products receive input or data, but do not validate or incorrectly validate that the input has the properties that are required to process the data safely and correctly...
KeyDroid: a Large-Scale Analysis of Secure Key Storage in Android Apps
Most contemporary mobile devices offer hardware-backed storage for cryptographic keys, user data, and other sensitive credentials. Such hardware protects credentials from extraction by an adversary who has compromised the main operating system, such as a malicious third-party app. Since 2011,...
KLA85303 OSI vulnerability in Microsoft Dynamics
Information disclosure vulnerability was found in Microsoft Dynamics. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2025-49715 Related products Microsoft-Dynamics-365 CVE list CVE-2025-49715 critical Solution Install necessary updates from...
A Comprehensive Survey in LLM(-Agent) Full Stack Safety: Data, Training and Deployment
The remarkable success of Large Language Models (LLMs) has illuminated a promising pathway toward achieving Artificial General Intelligence for both academic and industrial communities, owing to their unprecedented performance across various applications. As LLMs continue to gain prominence in both...
CVE-2025-22076
CVE-2025-22076 is a Linux kernel vulnerability in exfat handling. The root cause is missing shutdown checks in several I/O paths: read_iter, and later write_iter, splice_read, and mmap. This allowed a device deletion to leave dirty data readable, per the description. The fix adds shutdown checks ...
Linux Distros Unpatched Vulnerability : CVE-2023-28427
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key places can...