CISO Spotlight: AJ Debole on the Business-Tech Divide, Breach Readiness, and AI Risks

AJ Debole is Field CISO at Oracle, but her journey began far from the corporate boardroom. After starting out in law and government, she moved into healthcare and cyber defense, where she led teams through ransomware crises. In this spotlight, she explores the next wave of challenges – aligning...

Can Federated Learning Safeguard Private Data in LLM Training? Vulnerabilities, Attacks, and Defense Evaluation

Fine-tuning large language models LLMs with local data is a widely adopted approach for organizations seeking to adapt LLMs to their specific domains. Given the shared characteristics in data across different organizations, the idea of collaboratively fine-tuning an LLM using data from multiple...

Inference Attacks on Encrypted Online Voting Via Traffic Analysis

Online voting enables individuals to participate in elections remotely, offering greater efficiency and accessibility in both governmental and organizational settings. As this method gains popularity, ensuring the security of online voting systems becomes increasingly vital, as the systems...

How CISOs Can Drive Effective AI Governance

AI's growing role in enterprise environments has heightened the urgency for Chief Information Security Officers CISOs to drive effective AI governance. When it comes to any emerging technology, governance is hard – but effective governance is even harder. The first instinct for most organizations...

UBUNTU-CVE-2023-53323

In the Linux kernel, the following vulnerability has been resolved: ext2/dax: Fix ext2setsize when len is page aligned PAGEALIGNx macro gives the next highest value which is multiple of pagesize. But if x is already page aligned then it simply returns x. So, if x passed is 0 in daxzerorange...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ext2setsize function not handling the len parameter page alignment correctly, which could result in...

SUSE CVE-2025-39741

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: don't overflow max copy size With non-page aligned copy, we need to use 4 byte aligned pitch, however the size itself might still be close to our maximum of 8M, and so the dimensions of the copy can easily exceed...

CVE-2025-39741

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: don't overflow max copy size With non-page aligned copy, we need to use 4 byte aligned pitch, however the size itself might still be close to our maximum of 8M, and so the dimensions of the copy can easily exceed...

UBUNTU-CVE-2025-39741

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: don't overflow max copy size With non-page aligned copy, we need to use 4 byte aligned pitch, however the size itself might still be close to our maximum of 8M, and so the dimensions of the copy can easily exceed...

CVE-2025-39741

The CVE-2025-39741 issue affects the Linux kernel DRM Xe migrator (drm/xe/migrate) where copying with non-page-aligned data could overflow the max copy size since the calculated copy dimensions could exceed the S16_MAX limit. The root cause is not fully described in the Initial document alone, bu...

PT-2025-42777

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc3 Description A flaw exists in the Linux kernel related to out-of-bounds access to shadow memory within the Kernel Memory Sanitizer KMSAN. Specifically, when running sha224 kunit on a KMSAN-enabled kerne...

How Leading CISOs are Getting Budget Approval

It's budget season. Once again, security is being questioned, scrutinized, or deprioritized. If you're a CISO or security leader, you've likely found yourself explaining why your program matters, why a given tool or headcount is essential, and how the next breach is one blind spot away. But these...

Neuro-Symbolic AI for Cybersecurity: State of the Art, Challenges, and Opportunities

Traditional Artificial Intelligence AI approaches in cybersecurity exhibit fundamental limitations: inadequate conceptual grounding leading to non-robustness against novel attacks; limited instructibility impeding analyst-guided adaptation; and misalignment with cybersecurity objectives...

VehiclePassport: a GAIA-X-Aligned, Blockchain-Anchored Privacy-Preserving, Zero-Knowledge Digital Passport for Smart Vehicles

Modern vehicles accumulate fragmented lifecycle records across OEMs, owners, and service centers that are difficult to verify and prone to fraud. We propose VehiclePassport, a GAIA-X-aligned digital passport anchored on blockchain with zero-knowledge proofs ZKPs for privacy-preserving verificatio...

Linux Distros Unpatched Vulnerability : CVE-2025-38688

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iommufd: Prevent ALIGN overflow When allocating IOVA the candidate range gets aligned to the target alignment. If the range is close to ULONGMAX then the ALIGN...

SUSE CVE-2025-38688

In the Linux kernel, the following vulnerability has been resolved: iommufd: Prevent ALIGN overflow When allocating IOVA the candidate range gets aligned to the target alignment. If the range is close to ULONGMAX then the ALIGN can wrap resulting in a corrupted iova. Open code the ALIGN using...

SUSE CVE-2025-38690

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: prevent infinite recursion If the buf + offset is not aligned to XECAHELINEBYTES we fallback to using a bounce buffer. However the bounce buffer here is allocated on the stack, and the only alignment requirement...

CVE-2025-38690

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: prevent infinite recursion If the buf + offset is not aligned to XECAHELINEBYTES we fallback to using a bounce buffer. However the bounce buffer here is allocated on the stack, and the only alignment requirement...

CVE-2025-38688

In the Linux kernel, the following vulnerability has been resolved: iommufd: Prevent ALIGN overflow When allocating IOVA the candidate range gets aligned to the target alignment. If the range is close to ULONGMAX then the ALIGN can wrap resulting in a corrupted iova. Open code the ALIGN using...

UBUNTU-CVE-2025-38690

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: prevent infinite recursion If the buf + offset is not aligned to XECAHELINEBYTES we fallback to using a bounce buffer. However the bounce buffer here is allocated on the stack, and the only alignment requirement...