984 matches found
TopoReformer: Mitigating Adversarial Attacks Using Topological Purification in OCR Models
Adversarially perturbed images of text can cause sophisticated OCR systems to produce misleading or incorrect transcriptions from seemingly invisible changes to humans. Some of these perturbations even survive physical capture, posing security risks to high-stakes applications such as document...
T2I-Based Physical-World Appearance Attack against Traffic Sign Recognition Systems in Autonomous Driving
Traffic Sign Recognition TSR systems play a critical role in Autonomous Driving AD systems, enabling real-time detection of road signs, such as STOP and speed limit signs. While these systems are increasingly integrated into commercial vehicles, recent research has exposed their vulnerability to...
A Major Leak Spills a Chinese Hacking Contractor’s Tools and Targets
Plus: State-sponsored AI hacking is here, Google hosts a CBP face recognition app, and more of the week’s top security news...
CVE-2025-59509 Windows Speech Recognition Information Disclosure Vulnerability
...
CVE-2025-59509 Windows Speech Recognition Information Disclosure Vulnerability
...
CVE-2025-59509
CVE-2025-59509 affects Windows Speech, with the issue described as insertion of sensitive information into data sent by Windows Speech. The impact is local disclosure of information to an authorized attacker. The Connected documents confirm Windows-related fixes and hotpatch updates, but do not p...
CVE-2025-59508 Windows Speech Recognition Elevation of Privilege Vulnerability
...
CVE-2025-59508 Windows Speech Recognition Elevation of Privilege Vulnerability
...
CVE-2025-59508
CVE-2025-59508 is reported in Windows Speech as a race-condition in concurrent execution on a shared resource, enabling local privilege escalation for an authorized attacker. The connected NCSC advisory lists Windows Speech CVE-2025-59508 with an impact of obtaining increased rights. Public detai...
Windows Speech Recognition Information Disclosure Vulnerability
Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally...
Windows Speech Recognition Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Speech allows an authorized attacker to elevate privileges locally...
A Visual Perception-Based Tunable Framework and Evaluation Benchmark for H.265/HEVC ROI Encryption
ROI selective encryption, as an efficient privacy protection technique, encrypts only the key regions in the video, thereby ensuring security while minimizing the impact on coding efficiency. However, existing ROI-based video encryption methods suffer from insufficient flexibility and lack of a...
Smartphone User Fingerprinting on Wireless Traffic
Due to the openness of the wireless medium, smartphone users are susceptible to user privacy attacks, where user privacy information is inferred from encrypted Wi-Fi wireless traffic. Existing attacks are limited to recognizing mobile apps and their actions and cannot infer the smartphone user...
CVE-2025-12108 Missing Authentication for Critical Function Survision License Plate Recognition Camera
The Survision LPR Camera system does not enforce password protection by default. This allows access to the configuration wizard immediately without a login prompt or credentials check...
CVE-2025-12108 Missing Authentication for Critical Function Survision License Plate Recognition Camera
The Survision LPR Camera system does not enforce password protection by default. This allows access to the configuration wizard immediately without a login prompt or credentials check...
Survision LPR Camera 访问控制错误漏洞
Survision LPR Camera is a license plate recognition camera from Survision France. An access control error vulnerability exists in Survision LPR Camera that stems from password protection not being enforced by default, which could lead to unauthorized access...
Would you sext ChatGPT? (Lock and Code S06E22)
This week on the Lock and Code podcast … In the final, cold winter months of the year, ChatGPT could be heating up. On October 14, OpenAI CEO Sam Altman said that the "restrictions" that his company previously placed on their flagship product, ChatGPT, would be removed, allowing, perhaps, for...
CVE-2025-43027
CVE-2025-43027 affects Genetec Security Center, with a critical issue in the ALPR Manager role that could allow an attacker to gain administrative access to the system. Public descriptions cite a base score of 9.8 (CVSS v3.1) and network, unauthenticated, no-user-interaction exploitability, causi...
CyberNER: A Harmonized STIX Corpus for Cybersecurity Named Entity Recognition
Extracting structured intelligence via Named Entity Recognition NER is critical for cybersecurity, but the proliferation of datasets with incompatible annotation schemas hinders the development of comprehensive models. While combining these resources is desirable, we empirically demonstrate that...
PT-2025-44402
Name of the Vulnerable Software and Affected Versions Genetec Security Center affected versions not specified Description A critical severity issue has been identified in the ALPR Manager role of Security Center that could allow attackers to gain administrative access to the Genetec Security Cent...