Subverting AIOps Systems Through Poisoned Input Data

In this input integrity attack against an AI system, researchers were able to fool AIOps tools: AIOps refers to the use of LLM-based agents to gather and analyze application telemetry, including system logs, performance metrics, traces, and alerts, to detect problems and then suggest or carry out...

CVE-2025-38559

CVE-2025-38559 (Linux kernel) affects the Intel PMT subsystem on x86 platforms. The issue is a NULL pointer dereference in intel_pmt_read() when an ep (endpoint) is missing, leading to kernel oops in crashlog handling. The fix, as described, augments intel_pmt_entry with a pointer to the pcidev t...

CVE-2025-38559 platform/x86/intel/pmt: fix a crashlog NULL pointer access

In the Linux kernel, the following vulnerability has been resolved: platform/x86/intel/pmt: fix a crashlog NULL pointer access Usage of the intelpmtread for binary sysfs, requires a pcidev. The current use of the endpoint value is only valid for telemetry endpoint usage. Without the ep, the...

CVE-2025-38559

In the Linux kernel, the following vulnerability has been resolved: platform/x86/intel/pmt: fix a crashlog NULL pointer access Usage of the intelpmtread for binary sysfs, requires a pcidev. The current use of the endpoint value is only valid for telemetry endpoint usage. Without the ep, the...

Malicious code in @mintstudiouicore/telemetry (npm)

The package @mintstudiouicore/telemetry was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

MAL-2025-9104 Malicious code in @mintstudiouicore/telemetry (npm)

The package @mintstudiouicore/telemetry was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

PT-2025-32980 · Zkteco · Zkteco Wl20

Name of the Vulnerable Software and Affected Versions: ZKTeco WL20 affected versions not specified Description: The device stores MQTT credentials and endpoints in plaintext within the firmware. An attacker with physical access can extract the firmware and analyze the binary data to retrieve the...

Linux Distros Unpatched Vulnerability : CVE-2024-21243

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Telemetry. Supported versions that are affected are 8.4.2 and prior and 9.0.1 and...

CVE-2025-52586

The MOD3 command traffic between the monitoring application and the inverter is transmitted in plaintext without encryption or obfuscation. This vulnerability may allow an attacker with access to a local network to intercept, manipulate, replay, or forge critical data, including read/write...

CVE-2025-52586

The CVE-2025-52586 issue affects EG4 Electronics EG4 Inverters, where MOD3 command traffic between the monitoring application and the inverter is transmitted in plaintext. The root impact described across sources is interception, manipulation, replay, or forging of sensitive commands/data (voltag...

GPU in the Blind Spot: Overlooked Security Risks in Transportation

Graphics processing units GPUs are becoming an essential part of the intelligent transportation system ITS for enabling video-based and artificial intelligence AI based applications. GPUs provide high-throughput and energy-efficient computing for tasks like sensor fusion and roadside video...

Malicious code in internal-plugin-telemetry-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c1d9d94ab30d6ec88b722127b9f7fcd84c80e7e5bc2fda3c7865104dea4a0fcc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Data-Plane Telemetry to Mitigate Long-Distance BGP Hijacks

Poor security of Internet routing enables adversaries to divert user data through unintended infrastructures hijack. Of particular concern -- and the focus of this paper -- are cases where attackers reroute domestic traffic through foreign countries, exposing it to surveillance, bypassing legal...

PT-2025-33758

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the platform/x86/intel/pmt component of the Linux kernel related to a NULL pointer dereference when using intel pmt read for binary sysfs. This occurs when a pcidev is...

Security update for docker

This update for docker fixes the following issues: Update to Docker 28.2.2-ce bsc1243833, bsc1242114: CVE-2025-0495: Fixed credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from configuration.bsc1239765 CVE-2025-22872:...

MAL-2025-5784 Malicious code in intel-telemetry (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 98424c889e7b3842b903e643f3e36c9dba3b84245b5d597fa8f60ea464e79ee2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Mozilla: Microsoft `x-apikey` Exposed in Mozilla CI Public Logs

A Microsoft telemetry API key x-apikey was found exposed in publicly accessible Mozilla CI logs. The key appeared in HTTP POST requests sent to Microsoft's telemetry endpoint during automated Firefox testing and was captured via mitmproxy logs. The security impact was considered minimal as the...

Can One Safety Loop Guard Them All? Agentic Guard Rails for Federated Computing

We propose Guardian-FC, a novel two-layer framework for privacy preserving federated computing that unifies safety enforcement across diverse privacy preserving mechanisms, including cryptographic back-ends like fully homomorphic encryption FHE and multiparty computation MPC, as well as statistic...

Security Bulletin: Malicious clients with network access to the collector may perform a timing attack against a collector with this authenticator to guess the configured tokens, affects watsonx.data

Summary The bearertokenauth extension's server authenticator performs a simple, non-constant time string comparison of the received & configured bearer tokens. This impacts anyone using the bearertokenauth server authenticator. Malicious clients with network access to the collector may perform a...

[SECURITY] Fedora 42 Update: qt6-qtmqtt-6.9.1-1.fc42

MQTT is a machine-to-machine M2M protocol utilizing the publish-and-subscri be paradigm, and provides a channel with minimal communication overhead. The Qt MQTT module provides a standard compliant implementation of the MQTT protocol specification. It enables applications to act as telemetry...