OnlyFans, Discord ClickFix-Themed Pages Spread Epsilon Red Ransomware

Beware of Epsilon Red ransomware as attackers impersonate Discord, Twitch and OnlyFans using fake verification pages with .HTA files and ActiveX to spread malware...

Hackers Use Facebook Ads to Spread JSCEAL Malware via Fake Cryptocurrency Trading Apps

Cybersecurity researchers are calling attention to an ongoing campaign that distributes fake cryptocurrency trading apps to deploy a compiled V8 JavaScript JSC malware called JSCEAL that can capture data such as credentials and wallets. The activity leverages thousands of malicious advertisements...

The vulnerability of the Palo Alto Prisma SD-WAN software, related to unlimited resource distribution, allows a hacker to trigger a service failure.

The vulnerability of the Palo Alto Prisma SD-WAN software is related to the unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

Optimal Planning for Enhancing the Resilience of Modern Distribution Systems against Cyberattacks

The increasing integration of IoT-connected devices in smart grids has introduced new vulnerabilities at the distribution level. Of particular concern is the potential for cyberattacks that exploit high-wattage IoT devices, such as EV chargers, to manipulate local demand and destabilize the grid...

Security Loophole in Error Verification in Quantum Key Distribution

The security of quantum key distribution QKD is evaluated based on the secrecy of Alice's key and the correctness of the keys held by Alice and Bob. A practical method for ensuring correctness is known as error verification, in which Alice and Bob reveal a portion of their reconciled keys and che...

On Post-Quantum Cryptography Authentication for Quantum Key Distribution

The traditional way for a Quantum Key Distribution QKD user to join a quantum network is by authenticating themselves using pre-shared key material. While this approach is sufficient for small-scale networks, it becomes impractical as the network grows, due to the total quadratic increase in the...

Hot-Swap MarkBoard: an Efficient Black-Box Watermarking Approach for Large-Scale Model Distribution

Recently, Deep Learning DL models have been increasingly deployed on end-user devices as On-Device AI, offering improved efficiency and privacy. However, this deployment trend poses more serious Intellectual Property IP risks, as models are distributed on numerous local devices, making them...

The vulnerability of the Redis database management system server, which involves unlimited resource distribution, allows attackers to cause service failures.

The vulnerability of the Redis database management system is related to the unlimited distribution of resources. Exploiting this vulnerability allows a malicious actor to cause service failures through repeated unauthorized connections...

Steam games abused to deliver malware once again

A cybercriminal known as EncryptHub aka Larva-208 has reportedly abused the online game platform Steam to distribute information stealers. EncryptHub managed to sneak malicious files into the Chemia game files hosted on Steam. Chemia is an adventurous survival type of game that puts the player in...

[SECURITY] [DSA 5965-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5965-1 [email protected] https://www.debian.org/security/ Andres Salomon July 24, 2025 https://www.debian.org/security/faq -...

Secure One-Sided Device-Independent Quantum Key Distribution under Collective Attacks with Enhanced Robustness

We study the security of a quantum key distribution QKD protocol under the one-sided device-independent 1sDI setting, which assumes trust in only one party's measurement device. This approach effectively provides a balance between the experimental viability of device-dependent DD-QKD and the...

Development of a Standardized Testing Environment for QRNGs Based on Semiconductor Laser Phase Noise

Quantum random number generators QRNGs based on semiconductor laser phase noise are an inexpensive and efficient resource for true random numbers. Commercially available technology allows for designing QRNG setups tailored to specific use cases. However, it is important to constantly monitor...

Faraday 5.15.2

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use...

DuraComm SPM-500 DP-10iN-100-MU 安全漏洞

The DuraComm SPM-500 DP-10iN-100-MU is a DC power distribution panel from DuraComm USA. A security vulnerability exists in the DuraComm SPM-500 DP-10iN-100-MU that originates from the unencrypted transmission of sensitive data that could be intercepted by an attacker...

DuraComm SPM-500 DP-10iN-100-MU 访问控制错误漏洞

The DuraComm SPM-500 DP-10iN-100-MU is a DC power distribution panel from DuraComm, Inc. An access control error vulnerability exists in the DuraComm SPM-500 DP-10iN-100-MU, which stems from functional access control that lacks user authentication, and could cause an attacker to repeatedly reboot...

DuraComm SPM-500 DP-10iN-100-MU 跨站脚本漏洞

The DuraComm SPM-500 DP-10iN-100-MU is a DC power distribution panel from DuraComm USA. A cross-site scripting vulnerability exists in the DuraComm SPM-500 DP-10iN-100-MU, which stems from susceptibility to cross-site scripting attacks that could prevent a legitimate user from accessing the web...

DREAM: Scalable Red Teaming for Text-To-Image Generative Systems Via Distribution Modeling

Despite the integration of safety alignment and external filters, text-to-image T2I generative models are still susceptible to producing harmful content, such as sexual or violent imagery. This raises serious concerns about unintended exposure and potential misuse. Red teaming, which aims to...

From Cracks to Crooks: YouTube As a Vector for Malware Distribution

With billions of users and an immense volume of daily uploads, YouTube has become an attractive target for cybercriminals aiming to leverage its vast audience. The platform's openness and trustworthiness provide an ideal environment for deceptive campaigns that can operate under the radar of...

PhishIntentionLLM: Uncovering Phishing Website Intentions through Multi-Agent Retrieval-Augmented Generation

Phishing websites remain a major cybersecurity threat, yet existing methods primarily focus on detection, while the recognition of underlying malicious intentions remains largely unexplored. To address this gap, we propose PhishIntentionLLM, a multi-agent retrieval-augmented generation RAG...

Quantum Skyshield: Quantum Key Distribution and Post-Quantum Authentication for Low-Altitude Wireless Networks in Adverse Skies

Recently, low-altitude wireless networks LAWNs have emerged as a critical backbone for supporting the low-altitude economy, particularly with the densification of unmanned aerial vehicles UAVs and high-altitude platforms HAPs. To meet growing data demands, some LAWN deployments incorporate...