FetFIDS: a Feature Embedding Attention Based Federated Network Intrusion Detection Algorithm

Intrusion Detection Systems IDS have an increasingly important role in preventing exploitation of network vulnerabilities by malicious actors. Recent deep learning based developments have resulted in significant improvements in the performance of IDS systems. In this paper, we present FetFIDS,...

Enhance the Machine Learning Algorithm Performance in Phishing Detection with Keyword Features

Recently, we can observe a significant increase of the phishing attacks in the Internet. In a typical phishing attack, the attacker sets up a malicious website that looks similar to the legitimate website in order to obtain the end-users' information. This may cause the leakage of the sensitive...

Developing a Transferable Federated Network Intrusion Detection System

Intrusion Detection Systems IDS are a vital part of a network-connected device. In this paper, we develop a deep learning based intrusion detection system that is deployed in a distributed setup across devices connected to a network. Our aim is to better equip deep learning models against unknown...

Attacks and Defenses against LLM Fingerprinting

As large language models are increasingly deployed in sensitive environments, fingerprinting attacks pose significant privacy and security risks. We present a study of LLM fingerprinting from both offensive and defensive perspectives. Our attack methodology uses reinforcement learning to...

INE Named to Training Industry’s 2025 Top 20 Online Learning Library List

Cary, United States, 11th August 2025, CyberNewsWire...

Generative AI for Critical Infrastructure in Smart Grids: a Unified Framework for Synthetic Data Generation and Anomaly Detection

In digital substations, security events pose significant challenges to the sustained operation of power systems. To mitigate these challenges, the implementation of robust defense strategies is critically important. A thorough process of anomaly identification and detection in information and...

EntraGoat - a Deliberately Vulnerable Entra ID Environment

EntraGoat is a deliberately vulnerable Microsoft Entra ID infrastructure designed to simulate real-world identity security misconfigurations and attack vectors. EntraGoat introduces intentional vulnerabilities in your environment to provide a realistic learning platform for security professionals...

BlindGuard: Safeguarding LLM-Based Multi-Agent Systems under Unknown Attacks

The security of LLM-based multi-agent systems MAS is critically threatened by propagation vulnerability, where malicious agents can distort collective decision-making through inter-agent message interactions. While existing supervised defense methods demonstrate promising performance, they may be...

Designing with Deception: ML- and Covert Gate-Enhanced Camouflaging to Thwart IC Reverse Engineering

Integrated circuits ICs are essential to modern electronic systems, yet they face significant risks from physical reverse engineering RE attacks that compromise intellectual property IP and overall system security. While IC camouflage techniques have emerged to mitigate these risks, existing...

VeriPHY: Physical Layer Signal Authentication for Wireless Communication in 5G Environments

Physical layer authentication PLA uses inherent characteristics of the communication medium to provide secure and efficient authentication in wireless networks, bypassing the need for traditional cryptographic methods. With advancements in deep learning, PLA has become a widely adopted technique...

CVE-2025-55006

Frappe Learning is a learning system that helps users structure their content. In versions 2.33.0 and below, the image upload functionality did not adequately sanitize uploaded SVG files. This allowed users to upload SVG files containing embedded JavaScript or other potentially malicious content...

CVE-2025-55006 Frappe Learning Holds Potential for Malicious SVG Upload in Image Upload Feature

Frappe Learning is a learning system that helps users structure their content. In versions 2.33.0 and below, the image upload functionality did not adequately sanitize uploaded SVG files. This allowed users to upload SVG files containing embedded JavaScript or other potentially malicious content...

CVE-2025-55006 Frappe Learning Holds Potential for Malicious SVG Upload in Image Upload Feature

Frappe Learning is a learning system that helps users structure their content. In versions 2.33.0 and below, the image upload functionality did not adequately sanitize uploaded SVG files. This allowed users to upload SVG files containing embedded JavaScript or other potentially malicious content...

CVE-2025-55006

CVE-2025-55006 affects Frappe LMS 2.34.x/2.35.0. The issue stems from an incomplete fix for CVE-2025-55006, enabling cross-site scripting via manipulated input. Remote exploitation is described as possible; an exploit has been made public per connected sources. A remediation is to upgrade to a ve...

CVE-2025-55006 Frappe Learning Holds Potential for Malicious SVG Upload in Image Upload Feature

Frappe Learning is a learning system that helps users structure their content. In versions 2.33.0 and below, the image upload functionality did not adequately sanitize uploaded SVG files. This allowed users to upload SVG files containing embedded JavaScript or other potentially malicious content...

Frappe Learning 输入验证错误漏洞

Frappe Learning is an easy-to-use open source learning management system from Frappe Open Source. An input validation error vulnerability exists in Frappe Learning version 2.33.0 and earlier, which stems from insufficient cleanup of uploaded SVG files and could lead to the execution of arbitrary...

PT-2025-32424

Name of the Vulnerable Software and Affected Versions Frappe Learning versions 2.33.0 and below Description Frappe Learning is a learning system designed to help users structure content. The image upload functionality did not properly sanitize uploaded SVG files, allowing users to upload files...

Non-Omniscient Backdoor Injection with a Single Poison Sample: Proving the One-Poison Hypothesis for Linear Regression and Linear Classification

Backdoor injection attacks are a threat to machine learning models that are trained on large data collected from untrusted sources; these attacks enable attackers to inject malicious behavior into the model that can be triggered by specially crafted inputs. Prior work has established bounds on th...

Enhancing Software Vulnerability Detection through Adaptive Test Input Generation Using Genetic Algorithm

Software vulnerabilities continue to undermine the reliability and security of modern systems, particularly as software complexity outpaces the capabilities of traditional detection methods. This study introduces a genetic algorithm-based method for test input generation that innovatively...

RL-MoE: an Image-Based Privacy Preserving Approach in Intelligent Transportation System

The proliferation of AI-powered cameras in Intelligent Transportation Systems ITS creates a severe conflict between the need for rich visual data and the fundamental right to privacy. Existing privacy-preserving mechanisms, such as blurring or encryption, are often insufficient, creating an...