7041 matches found
Microsoft Azure Machine Learning Environments Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within Azure Machine Learning Environments. The issue results from predictable...
Empowering Digital Agriculture: a Privacy-Preserving Framework for Data Sharing and Collaborative Research
Data-driven agriculture, which integrates technology and data into agricultural practices, has the potential to improve crop yield, disease resilience, and long-term soil health. However, privacy concerns, such as adverse pricing, discrimination, and resource manipulation, deter farmers from...
Generative AI for Vulnerability Detection in 6G Wireless Networks: Advances, Case Study, and Future Directions
The rapid advancement of 6G wireless networks, IoT, and edge computing has significantly expanded the cyberattack surface, necessitating more intelligent and adaptive vulnerability detection mechanisms. Traditional security methods, while foundational, struggle with zero-day exploits, adversarial...
SPA: Towards More Stealth and Persistent Backdoor Attacks in Federated Learning
Federated Learning (FL) has emerged as a leading paradigm for privacy-preserving distributed machine learning, yet the distributed nature of FL introduces unique security challenges, notably the threat of backdoor attacks. Existing backdoor strategies predominantly rely on end-to-end label...
Client Clustering Meets Knowledge Sharing: Enhancing Privacy and Robustness in Personalized Peer-To-Peer Learning
The growing adoption of Artificial Intelligence (AI) in Internet of Things (IoT) ecosystems has intensified the need for personalized learning methods that can operate efficiently and privately across heterogeneous, resource-constrained devices. However, enabling effective personalized learning in...
SV-LLM: an Agentic Approach for SoC Security Verification Using Large Language Models
Ensuring the security of complex system-on-chips (SoCs) designs is a critical imperative, yet traditional verification techniques struggle to keep pace due to significant challenges in automation, scalability, comprehensiveness, and adaptability. The advent of large language models (LLMs), with their...
WebGuard++: Interpretable Malicious URL Detection Via Bidirectional Fusion of HTML Subgraphs and Multi-Scale Convolutional BERT
URL+HTML feature fusion shows promise for robust malicious URL detection, since attacker artifacts persist in DOM structures. However, prior work suffers from four critical shortcomings: (1) incomplete URL modeling, failing to jointly capture lexical patterns and semantic context; (2) HTML graph...
Autonomous Cyber Resilience Via a Co-Evolutionary Arms Race within a Fortified Digital Twin Sandbox
The convergence of IT and OT has created hyper-connected ICS, exposing critical infrastructure to a new class of adaptive, intelligent adversaries that render static defenses obsolete. Existing security paradigms often fail to address a foundational "Trinity of Trust," comprising the fidelity of...
Secure Multi-Key Homomorphic Encryption with Application to Privacy-Preserving Federated Learning
Whitepaper called Secure Multi-Key Homomorphic Encryption With Application To Privacy-Preserving Federated Learning...
A Hybrid Intrusion Detection System with a New Approach to Protect the Cybersecurity of Cloud Computing
Cybersecurity is one of the foremost challenges facing the world of cloud computing. Recently, the widespread adoption of smart devices in cloud computing environments that provide Internet-based services has become prevalent. Therefore, it is essential to consider the security threats in these...
RepuNet: a Reputation System for Mitigating Malicious Clients in DFL
Decentralized Federated Learning (DFL) enables nodes to collaboratively train models without a central server, introducing new vulnerabilities since each node independently selects peers for model aggregation. Malicious nodes may exploit this autonomy by sending corrupted models (model poisoning),...
PhishingHook: Catching Phishing Ethereum Smart Contracts Leveraging EVM Opcodes
The Ethereum Virtual Machine (EVM) is a decentralized computing engine. It enables the Ethereum blockchain to execute smart contracts and decentralized applications (dApps). The increasing adoption of Ethereum sparked the rise of phishing activities. Phishing attacks often target users through...
KnowML: Improving Generalization of ML-NIDS with Attack Knowledge Graphs
Despite extensive research on Machine Learning-based Network Intrusion Detection Systems (ML-NIDS), their capability to detect diverse attack variants remains uncertain. Prior studies have largely relied on homogeneous datasets, which artificially inflate performance scores and offer a false sense...
CVE-2025-46101
SQL Injection vulnerability in Beakon Software Beakon Learning Management System Sharable Content Object Reference Model (SCORM) version before 5.4.3 allows a remote attacker to obtain sensitive information via the ks parameter in jsonscorm.php file...
Google Adds Multi-Layered Defenses to Secure GenAI from Prompt Injection Attacks
Google has revealed the various safety measures that are being incorporated into its generative artificial intelligence (AI) systems to mitigate emerging attack vectors like indirect prompt injections and improve the overall security posture for agentic AI systems. "Unlike direct prompt injections,...
Beakon Learning Management System Sharable Content Object Reference Model Security Vulnerability
Beakon Learning Management System Sharable Content Object Reference Model is a learning management system from Beakon Australia. A security vulnerability exists in Beakon Learning Management System Sharable Content Object Reference Model versions prior to 5.4.3, which is caused by a SQL injection...
Intelligent ARP Spoofing Detection Using Multi-Layered Machine Learning (ML) Techniques for IoT Networks
Address Resolution Protocol (ARP) spoofing remains a critical threat to IoT networks, enabling attackers to intercept, modify, or disrupt data transmission by exploiting ARP's lack of authentication. The decentralized and resource-constrained nature of IoT environments amplifies this vulnerability,...