975 matches found
Security Enclave Architecture for Heterogeneous Security Primitives for Supply-Chain Attacks
Designing secure architectures for system-on-chip (SoC) platforms is a highly intricate and time-intensive task, often requiring months of development and meticulous verification. Even minor architectural oversights can lead to critical vulnerabilities that undermine the security of the entire chip...
SynthGuard: Redefining Synthetic Data Generation with a Scalable and Privacy-Preserving Workflow Framework
The growing reliance on data-driven applications in sectors such as healthcare, finance, and law enforcement underscores the need for secure, privacy-preserving, and scalable mechanisms for data generation and sharing. Synthetic data generation (SDG) has emerged as a promising approach but often...
Post-Processing in Local Differential Privacy: an Extensive Evaluation and Benchmark Platform
Local differential privacy (LDP) has recently gained prominence as a powerful paradigm for collecting and analyzing sensitive data from users' devices. However, the inherent perturbation added by LDP protocols reduces the utility of the collected data. To mitigate this issue, several post-processin...
BackFed: an Efficient and Standardized Benchmark Suite for Backdoor Attacks in Federated Learning
Federated Learning (FL) systems are vulnerable to backdoor attacks, where adversaries train their local models on poisoned data and submit poisoned model updates to compromise the global model. Despite numerous proposed attacks and defenses, divergent experimental settings, implementation errors, a...
ABB RMC-100 Security Vulnerability
The ABB RMC-100 is a remote modular controller from ABB Switzerland. It is capable of managing automation, liquid and gas measurement, and asset data centralization for large production and transmission facilities. A security vulnerability exists in the ABB RMC-100 that originates from a stack buffer...
Infinera G42 Security Vulnerability
Infinera G42 is a modular platform for optical networks from Infinera USA. A security vulnerability exists in Infinera G42 version R6.1.3, which stems from insufficient input validation and could result in file read...
Exploit for CVE-2025-30208
🔥 CVE-2025-30208 Vite Arbitrary File Read Vulnerability Scanne...
Can One Safety Loop Guard Them All? Agentic Guard Rails for Federated Computing
We propose Guardian-FC, a novel two-layer framework for privacy-preserving federated computing that unifies safety enforcement across diverse privacy-preserving mechanisms, including cryptographic back-ends like fully homomorphic encryption (FHE) and multiparty computation (MPC), as well as statistic...
Risks & Benefits of LLMs & GenAI for Platform Integrity, Healthcare Diagnostics, Cybersecurity, Privacy & AI Safety: a Comprehensive Survey, Roadmap & Implementation Blueprint
Large Language Models (LLMs) and generative AI (GenAI) systems such as ChatGPT, Claude, Gemini, LLaMA, and Copilot, developed by OpenAI, Anthropic, Google, Meta, and Microsoft, are reshaping digital platforms and app ecosystems while introducing key challenges in cybersecurity, privacy, and platform...
Secure User-Friendly Blockchain Modular Wallet Design Using Android and OP-TEE
Emerging crypto economies still hemorrhage digital assets because legacy wallets leak private keys at almost every layer of the software stack, from user-space libraries to kernel memory dumps. This paper solves that twin crisis of security and interoperability by re-imagining key management as a...
Cost-Effective Optimization and Implementation of the CRT-Paillier Decryption Algorithm for Enhanced Performance
To address the privacy protection problem in cloud computing, privacy enhancement techniques such as the Paillier additive homomorphism algorithm are receiving widespread attention. The Paillier algorithm allows addition and scalar multiplication operations in the encrypted state, which can effectively...
tidos-framework
The TIDoS Framework is an open-source, Python-based web application penetration testing framework. It is designed to cover various phases of a penetration test, including reconnaissance, scanning and enumeration, vulnerability analysis, and exploitation. The framework is built on top of the SQLit...
Multi-Modal Multi-Task Federated Foundation Models for Next-Generation Extended Reality Systems: Towards Privacy-Preserving Distributed Intelligence in AR/VR/MR
Extended reality (XR) systems, which consist of virtual reality (VR), augmented reality (AR), and mixed reality (XR), offer a transformative interface for immersive, multi-modal, and embodied human-computer interaction. In this paper, we envision that multi-modal multi-task (M3T) federated foundation model...
Symbolic Generation and Modular Embedding of High-Quality Abc-Triples
We present a symbolic identity for generating integer triples $a, b, c$ satisfying $a + b = c$, inspired by structural features of the \emph{abc} conjecture. The construction uses powers of $2$ and $3$ in combination with modular inversion in $\mathbb{Z}/3^p\mathbb{Z}$, leading to a parametric identity...
Chainless Apps: a Modular Framework for Building Apps with Web2 Capability and Web3 Trust
Modern blockchain applications are often constrained by a trade-off between user experience and trust. Chainless Apps present a new paradigm of application architecture that separates execution, trust, bridging, and settlement into distinct composable layers. This enables app-specific sequencing...
CVE-2024-12153
The GDY Modular Content plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 0.9.92. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...
CVE-2020-0576
Buffer overflow in Intel(R) Modular Server MFS2600KISPP Compute Module may allow an unauthenticated user to potentially enable denial of service via adjacent access...
CVE-2020-36421
An issue was discovered in Arm Mbed TLS before 2.23.0. Because of a side channel in modular exponentiation, an RSA private key used in a secure enclave could be disclosed...
CVE-2020-0578
Improper conditions check for Intel(R) Modular Server MFS2600KISPP Compute Module may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access...
CVE-2025-46834
Alchemy's Modular Account is a smart contract account that is compatible with ERC-4337 and ERC-6900. In versions on the 2.x branch prior to commit 5e6f540d249afcaeaf76ab95517d0359fde883b0, owners of Modular Accounts can grant session keys (scoped external keys) to external parties and would use the...