984 matches found
Context-Aware Entity-Relation Extraction for Threat Intelligence Knowledge Graphs
Cybersecurity Knowledge Graphs CKGs unify diverse Cyber Threat Intelligence CTI sources into structured, queryable formats, offering scalable solutions for automating proactive and real-time security responses. Their increasing adoption has significantly enhanced the workflow and decision-making...
CyberThreat-Nlp-Intelligence-System
🛡️ CyberGuard AI — Cyber Threat Intelligence System An AI-p...
Smart Glasses for the Authorities
ICE is developing its own version of smart glasses, with facial recognition tied to various databases...
PT-2026-38438
NPM package node-ts-ocr 1.0.15 is vulnerable to OS Command Injection via the invokeImageOcr function in src/index.js...
Disneyland Now Uses Face Recognition on Visitors
Plus: The NSA tests Anthropic’s Mythos Preview to find vulnerabilities, a Finnish teen is charged over the Scattered Spider hacking spree, and more...
Poster: ClawdGo: Endogenous Security Awareness Training for Autonomous AI Agents
Autonomous AI agents deployed on platforms such as OpenClaw face prompt injection, memory poisoning, supply-chain attacks, and social engineering, yet existing defences address only the platform perimeter, leaving the agent's own threat judgement entirely untrained. We present ClawdGo, a framewor...
[SECURITY] Fedora 44 Update: qt6-qtsensors-6.10.3-1.fc44
The Qt Sensors API provides access to sensor hardware via QML and C++ interfaces. The Qt Sensors API also provides a motion gesture recognition API for devices...
Anviz CX7和Anviz CX2 Lite 安全漏洞
Both Anviz CX7 and Anviz CX2 Lite are products of the American company Anviz. The Anviz CX7 is a smart terminal device integrated with biometric identification and access control functions. The Anviz CX2 Lite is also a smart terminal device that integrates face recognition and access control...
DRC Central Data Recognition Central Office Services 安全漏洞
DRC Central Data Recognition Central Office Services is an educational assessment data management and processing service system provided by DRC Central in the United States. There is a security vulnerability in DRC Central Data Recognition Central Office Services, which stems from unauthorized...
Meta Is Warned That Facial Recognition Glasses Will Arm Sexual Predators
More than 70 organizations, including the ACLU, EPIC, and Fight for the Future, say the AI smart glasses feature would endanger abuse victims, immigrants, and LGBTQ+ people...
CVE-2026-35455
immich is a high performance self-hosted photo and video management solution. Prior to 2.7.0, sStored Cross-Site Scripting XSS in the 360° panorama viewer allows any authenticated user to execute arbitrary JavaScript in the browser of any other user who views the malicious panorama with the OCR...
The threat hunter’s gambit
Welcome to this week's edition of the Threat Source newsletter. " Study hard what interests you the most in the most undisciplined, irreverent and original manner possible." ― Richard Feynman " I had discovered that learning something, no matter how complex, wasn't hard when I had a reason to wan...
CVE-2026-35455
Immich (self-hosted photo/video management) has a Stored XSS in the 360° panorama viewer prior to version 2.7.0. An authenticated user can upload an equirectangular image containing crafted text; OCR extracts it and the panorama viewer renders it via innerHTML without sanitization. This allows ar...
Congratulations to the top MSRC 2026 Q1 security researchers!
Congratulations to all the researchers recognized in this quarter’sMicrosoft Researcher Recognition Programleaderboard! Thank you to everyone for your hard work and continued partnership to secure customers...
Why Aggregate Accuracy Is Inadequate for Evaluating Fairness in Law Enforcement Facial Recognition Systems
Facial recognition systems are increasingly deployed in law enforcement and security contexts, where algorithmic decisions can carry significant societal consequences. Despite high reported accuracy, growing evidence demonstrates that such systems often exhibit uneven performance across demograph...
EUVD-2026-15461
node-tesseract-ocr is an npm package that provides a Node.js wrapper for Tesseract OCR. In all versions through 2.2.1, the recognize function in src/index.js is vulnerable to OS Command Injection. The file path parameter is concatenated into a shell command string and passed to childprocess.exec...
Apple多款产品 安全漏洞
Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...
Security update for util-linux
This update for util-linux fixes the following issues: Security issue: CVE-2026-3184: access control bypass due to improper hostname canonicalization in login bsc1258859. Non security issues: recognize fuse "portal" as a virtual file system bsc1234736. fdisk: fix possible partition overlay and da...
Could your face change what you pay? NYC wants limits on biometric tracking
New York City lawmakers are pushing to ban private businesses from using biometric tools like voice and facial recognition software to track the public. While the desire to use surveillance technology in stores to fight shoplifting is understandable, lawmakers and privacy advocates are worried th...
Hangzhou Hikvision Digital Technology Co., Ltd. Face Recognition Modules SADP XML parsing stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2281 Hangzhou Hikvision Digital Technology Co., Ltd. Face Recognition Modules SADP XML parsing stack-based buffer overflow vulnerability March 18, 2026 CVE Number CVE-2025-66176 SUMMARY A stack-based buffer overflow vulnerability exists in the SADP XML parsin...