Adaptive Malware Detection Using Sequential Feature Selection: a Dueling Double Deep Q-Network (D3QN) Framework for Intelligent Classification
Traditional malware detection methods exhibit computational inefficiency due to exhaustive feature extraction requirements, creating accuracy-efficiency trade-offs that limit real-time deployment. We formulate malware classification as a Markov Decision Process with episodic feature acquisition a...
Addressing the Devastating Effects of Single-Task Data Poisoning in Exemplar-Free Continual Learning
Our research addresses the overlooked security concerns related to data poisoning in continual learning (CL). Data poisoning - the intentional manipulation of training data to affect the predictions of machine learning models - was recently shown to be a threat to CL training stability. While...
ML-Enhanced AES Anomaly Detection for Real-Time Embedded Security
Advanced Encryption Standard (AES) is a widely adopted cryptographic algorithm, yet its practical implementations remain susceptible to side-channel and fault injection attacks. In this work, we propose a comprehensive framework that enhances AES-128 encryption security through controlled anomaly...
Human-Centered Interactive Anonymization for Privacy-Preserving Machine Learning: a Case for Human-Guided K-Anonymity
Privacy-preserving machine learning (ML) seeks to balance data utility and privacy, especially as regulations like the GDPR mandate the anonymization of personal data for ML applications. Conventional anonymization approaches often reduce data utility due to indiscriminate generalization or...
This Week in Spring - July 1st, 2025
Hi, Spring fans! Welcome to another installment of This Week in Spring! It's July!! This week, I'm on PTO, and as always, I'm looking for good reading material on the plane ride over for my holiday. Thank goodness for the ever-vibrant and awesome Spring community; there's tons of stuff to dive...
[SECURITY] Fedora 41 Update: moodle-4.4.9-1.fc41
Moodle is a course management system (CMS) - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities...
CVE-2025-48497
Cross-site request forgery vulnerability exists in iroha Board versions v0.10.12 and earlier. If a user accesses a specially crafted URL while being logged in to the affected product, arbitrary learning histories may be registered...
MAL-2025-5447 Malicious code in online-learning-translations (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 868acedaa0c2050db6943bc3a4a1b309e10110417f79ea031b8b01107f4fc599 Any computer that has this package installed or running should be considered...
Malicious code in online-learning-translations (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 868acedaa0c2050db6943bc3a4a1b309e10110417f79ea031b8b01107f4fc599 Any computer that has this package installed or running should be considered...
Malicious code in online-learning-components (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1edfb9c66a33f5e0185fe0ee1fb376f5a4f7974933a07e53f9e23d3281d4fe83 Any computer that has this package installed or running should be considered...
MAL-2025-5446 Malicious code in online-learning-components (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1edfb9c66a33f5e0185fe0ee1fb376f5a4f7974933a07e53f9e23d3281d4fe83 Any computer that has this package installed or running should be considered...
Malicious code in online-learning-ui (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 853a4095a2f08a67260f3c2220bc45ef9484b10db0a4f909560bf36485cb54cf Any computer that has this package installed or running should be considered...
MAL-2025-5448 Malicious code in online-learning-ui (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 853a4095a2f08a67260f3c2220bc45ef9484b10db0a4f909560bf36485cb54cf Any computer that has this package installed or running should be considered...
ARMOR: Robust Reinforcement Learning-Based Control for UAVs under Physical Attacks
Unmanned Aerial Vehicles (UAVs) depend on onboard sensors for perception, navigation, and control. However, these sensors are susceptible to physical attacks, such as GPS spoofing, that can corrupt state estimates and lead to unsafe behavior. While reinforcement learning (RL) offers adaptive control...
Multiple vulnerabilities in iroha Board
Overview: iroha Board provided by iroha Soft Co., Ltd. contains multiple vulnerabilities listed below. Forced browsing (CWE-425) - CVE-2025-41404; Cross-site request forgery (CWE-352) - CVE-2025-48497. Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities to IPA. JPCERT/CC...
iroha Board Cross-Site Request Forgery Vulnerability
iroha Board is an e-learning system from the Japanese company iroha. A cross-site request forgery vulnerability exists in iroha Board v0.10.12 and earlier versions, which stems from the presence of a cross-site request forgery vulnerability that could lead to the registration of arbitrary learnin...
Adversarial Threats in Quantum Machine Learning: a Survey of Attacks and Defenses
Quantum Machine Learning (QML) integrates quantum computing with classical machine learning, primarily to solve classification, regression and generative tasks. However, its rapid development raises critical security challenges in the Noisy Intermediate-Scale Quantum (NISQ) era. This chapter examines...
Boosting Generative Adversarial Transferability with Self-Supervised Vision Transformer Features
The ability of deep neural networks (DNNs) comes from extracting and interpreting features from the data provided. By exploiting intermediate features in DNNs instead of relying on hard labels, we craft adversarial perturbations that generalize more effectively, boosting black-box transferability...
CVE-2025-46101
SQL Injection vulnerability in Beakon Software Beakon Learning Management System Sharable Content Object Reference Model (SCORM) version before 5.4.3 allows a remote attacker to obtain sensitive information via the ks parameter in jsonscorm.php file...