Breaking the Flow and the Bank: Stealthy Cyberattacks on Water Network Hydraulics

As water distribution networks WDNs become increasingly connected with digital infrastructures, they face greater exposure to cyberattacks that threaten their operational integrity. Stealthy False Data Injection Attacks SFDIAs are particularly concerning, as they manipulate sensor data to...

Performance Analysis of MDI-QKD in Thermal-Loss and Phase Noise Channels

Measurement-device-independent quantum key distribution MDI-QKD, enhances quantum cryptography by mitigating detector-side vulnerabilities. This study analyzes MDI-QKD performance in thermal-loss and phase noise channels, modeled as depolarizing and dephasing channels to capture thermal and phase...

Quantum Technologies for beyond 5G and 6G Networks: Applications, Opportunities, and Challenges

As the world prepares for the advent of 6G networks, quantum technologies are becoming critical enablers of the next generation of communication systems. This survey paper investigates the convergence of quantum technologies and 6G networks, focusing on their applications, opportunities and...

TrojanDam: Detection-Free Backdoor Defense in Federated Learning through Proactive Model Robustification Utilizing OOD Data

Federated learning FL systems allow decentralized data-owning clients to jointly train a global model through uploading their locally trained updates to a centralized server. The property of decentralization enables adversaries to craft carefully designed backdoor updates to make the global model...

Reveal-Or-Obscure: a Differentially Private Sampling Algorithm for Discrete Distributions

We introduce a differentially private DP algorithm called reveal-or-obscure ROO to generate a single representative sample from a dataset of $n$ observations drawn i.i.d. from an unknown discrete distribution $P$. Unlike methods that add explicit noise to the estimated empirical distribution, ROO...

Monitor and Recover: a Paradigm for Future Research on Distribution Shift in Learning-Enabled Cyber-Physical Systems

With the known vulnerability of neural networks to distribution shift, maintaining reliability in learning-enabled cyber-physical systems poses a salient challenge. In response, many existing methods adopt a detect and abstain methodology, aiming to detect distribution shift at inference time so...

The vulnerability of the event forwarding mechanism in IBM QRadar WinCollect Agent, related to unlimited resource distribution, allows a perpetrator to trigger a service failure.

The vulnerability of the event forwarding mechanism in IBM QRadar WinCollect Agent is related to the unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerability of the PowerScale OneFS operating system, related to the unlimited distribution of resources, allows a hacker to trigger a service failure.

The vulnerability of the PowerScale OneFS operating system is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

Zoom Client for Meetings < 6.3.10 Vulnerability (ZSB-25015)

The version of Zoom Client for Meetings installed on the remote host is prior to 6.3.10. It is, therefore, affected by a vulnerability as referenced in the ZSB-25015 advisory. - Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of...

[SECURITY] [DSA 5899-1] webkit2gtk security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5899-1 [email protected] https://www.debian.org/security/ Alberto Garcia April 10, 2025 https://www.debian.org/security/faq -...

The vulnerability of the Kerberos Key Distribution Proxy Service in Windows operating systems allows a perpetrator to cause a service failure.

The vulnerability of the Kerberos Key Distribution Proxy Service in Windows operating systems is related to insufficient resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...

[SECURITY] [DSA 5898-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5898-1 [email protected] https://www.debian.org/security/ Andres Salomon April 09, 2025 https://www.debian.org/security/faq -...

org.apache.pulsar:pulsar-io-distribution (>=2.3.0 <=2.7.5), org.apache.pulsar:pulsar-io-docs (>=2.3.0 <=2.7.5) potentially affected by CVE-2025-30677 via org.apache.pulsar:pulsar-io-kafka (>=2.3.0 <=2.7.5)

org.apache.pulsar:pulsar-io-kafka MAVEN version =2.3.0, =2.3.0, =2.3.0, =2.7.5 Source cves: CVE-2025-30677 Source advisory: OSV:GHSA-RCQJ-3FMP-5CQX...

org.apache.pulsar:pulsar-io-distribution (>=2.3.0 <=2.7.5), org.apache.pulsar:pulsar-io-docs (>=2.3.0 <=2.7.5) potentially affected by CVE-2025-30677 via org.apache.pulsar:pulsar-io-kafka (>=2.3.0 <=2.7.5)

org.apache.pulsar:pulsar-io-kafka MAVEN version =2.3.0, =2.3.0, =2.3.0, =2.7.5 Source cves: CVE-2025-30677 Source advisory: SNYK:JAVA-ORGAPACHEPULSAR-9685318...

The vulnerability of the ASP.NET Core software platform and the Microsoft Visual Studio development environment, related to unlimited resource distribution, allows attackers to trigger service failures.

The vulnerability of the ASP.NET Core software platform and the Microsoft Visual Studio development environment is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVE-2025-27479 Kerberos Key Distribution Proxy Service Denial of Service Vulnerability

...

Attackers distributing a miner and the ClipBanker Trojan via SourceForge

Recently, we noticed a rather unique scheme for distributing malware that exploits SourceForge, a popular website providing software hosting, comparison, and distribution services. The site hosts numerous software projects, and anyone can upload theirs. One such project, officepackage , on the ma...

The vulnerability of the microprogrammed software of the ViewJet C-more Series and GC-A2 Series sensor panels, related to unlimited distribution of resources, allows a intruder to cause service failures.

The vulnerability of the microprogrammed software in the ViewJet C-more Series and GC-A2 Series sensor panels is related to unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to cause service failures...

Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware

Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials. "These campaigns notably use redirection methods such as URL shorteners and QR codes contained in malicious attachments and abuse legitimate services like file-hostin...

org.apache.pinot:pinot-distribution (>=0.1.0 <=0.9.3), org.apache.pinot:pinot-flink-connector (>=1.0.0 <=1.2.0) +6 more potentially affected by CVE-2024-56325 via org.apache.pinot:pinot-controller (>=0.1.0 <=1.2.0)

org.apache.pinot:pinot-controller MAVEN version =0.1.0, =0.1.0, =1.0.0, =0.9.0, =0.1.0, =0.8.0, =0.8.0, =0.1.0, =0.1.0, =0.9.3 Source cves: CVE-2024-56325 Source advisory: OSV:GHSA-6JWP-4WVJ-6597...