Explainable Vulnerability Detection in C/C++ Using Edge-Aware Graph Attention Networks

Detecting security vulnerabilities in source code remains challenging, particularly due to class imbalance in real-world datasets where vulnerable functions are under-represented. Existing learning-based methods often optimise for recall, leading to high false positive rates and reduced usability...

SUSE-SU-2025:20483-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup bsc1237913. - CVE-2024-58053: rxrpc: Fix handling of received connection abort...

Architectural Backdoors in Deep Learning: a Survey of Vulnerabilities, Detection, and Defense

Architectural backdoors pose an under-examined but critical threat to deep neural networks, embedding malicious logic directly into a model's computational graph. Unlike traditional data poisoning or parameter manipulation, architectural backdoors evade standard mitigation techniques and persist...

Crypto-Assisted Graph Degree Sequence Release under Local Differential Privacy

Whitepaper called Crypto-Assisted Graph Degree Sequence Release Under Local Differential Privacy...

REAL-IoT: Characterizing GNN Intrusion Detection Robustness under Practical Adversarial Attack

Graph Neural Network GNN-based network intrusion detection systems NIDS are often evaluated on single datasets, limiting their ability to generalize under distribution drift. Furthermore, their adversarial robustness is typically assessed using synthetic perturbations that lack realism. This...

CAN-Trace Attack: Exploit CAN Messages to Uncover Driving Trajectories

Driving trajectory data remains vulnerable to privacy breaches despite existing mitigation measures. Traditional methods for detecting driving trajectories typically rely on map-matching the path using Global Positioning System GPS data, which is susceptible to GPS data outage. This paper...

ftrace: Add cond_resched() to ftrace_graph_set_hash()

...

SUSE CVE-2025-38327

In the Linux kernel, the following vulnerability has been resolved: fgraph: Do not enable functiongraph tracer when setting funcgraph-args When setting the funcgraph-args option when function graph tracer is net enabled, it incorrectly enables it. Worse, it unregisters itself when it was never...

CVE-2025-38327

In the Linux kernel, the following vulnerability has been resolved: fgraph: Do not enable functiongraph tracer when setting funcgraph-args When setting the funcgraph-args option when function graph tracer is net enabled, it incorrectly enables it. Worse, it unregisters itself when it was never...

UBUNTU-CVE-2025-38327

In the Linux kernel, the following vulnerability has been resolved: fgraph: Do not enable functiongraph tracer when setting funcgraph-args When setting the funcgraph-args option when function graph tracer is net enabled, it incorrectly enables it. Worse, it unregisters itself when it was never...

CVE-2025-38327

In the Linux kernel, the following vulnerability has been resolved: fgraph: Do not enable functiongraph tracer when setting funcgraph-args When setting the funcgraph-args option when function graph tracer is net enabled, it incorrectly enables it. Worse, it unregisters itself when it was never...

CVE-2025-38327 fgraph: Do not enable function_graph tracer when setting funcgraph-args

In the Linux kernel, the following vulnerability has been resolved: fgraph: Do not enable functiongraph tracer when setting funcgraph-args When setting the funcgraph-args option when function graph tracer is net enabled, it incorrectly enables it. Worse, it unregisters itself when it was never...

Parse Server 安全漏洞

Parse Server is an open source backend from Parse Platform Open Source that can be deployed to any infrastructure that can run Node.js. A security vulnerability exists in Parse Server versions prior to 5.3.0 through 7.5.3 and prior to 8.2.2, which stems from the GraphQL API not validating a sessi...

PT-2025-29049 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contained a flaw in the function graph tracer where enabling the funcgraph-args option incorrectly enabled the tracer, potentially leading to a warning in the accounti...

RAG Safety: Exploring Knowledge Poisoning Attacks to Retrieval-Augmented Generation

Retrieval-Augmented Generation RAG enhances large language models LLMs by retrieving external data to mitigate hallucinations and outdated knowledge issues. Benefiting from the strong ability in facilitating diverse data sources and supporting faithful reasoning, knowledge graphs KGs have been...

Disa: Accurate Learning-Based Static Disassembly with Attentions

For reverse engineering related security domains, such as vulnerability detection, malware analysis, and binary hardening, disassembly is crucial yet challenging. The fundamental challenge of disassembly is to identify instruction and function boundaries. Classic approaches rely on file-format...

PotentRegion4MalDetect: Advanced Features from Potential Malicious Regions for Malware Detection

Malware developers exploit the fact that most detection models focus on the entire binary to extract the feature rather than on the regions of potential maliciousness. Therefore, they reverse engineer a benign binary and inject malicious code into it. This obfuscation technique circumvents the...

Malicious code in graphprotocol-tools-monorepo (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d2da3e0dc947efefeb72ffd27d949465798a6e39af182b4634c40e9dc4bed764 Any computer that has this package installed or running should be considered...

CVE-2025-40741

A vulnerability has been identified in Solid Edge SE2025 All versions V225.0 Update 5. The affected applications contain a stack based overflow vulnerability while parsing specially crafted CFG files. This could allow an attacker to execute code in the context of the current process...

Bullshark on Narwhal: Implementation-Level Workflow Analysis of Round-Based DAG Consensus in Theory and Practice

Round-based DAGs enable high-performance Byzantine fault-tolerant consensus, yet their technical advantages remain underutilized due to their short history. While research on consensus protocols is active in both academia and industry, many studies overlook implementation-level algorithms, leavin...