Malwarebytes
added 2025/10/27 7:15 a.m., 3 views

A week in security (October 20 – October 26)

Last week on Malwarebytes Labs: Is AI moving faster than its safety net?; Thousands of online stores at risk as SessionReaper attacks spread; Apple may have to open its walled garden to outside app stores; Meta boosts scam protection on WhatsApp and Messenger; Home Depot Halloween phish gives users a...

7.2 AI score
Exploits 0
Cvelist
added 2025/10/27 6:2 a.m., 9 views

CVE-2025-12231 projectworlds Expense Management System Expense Categories create cross site scripting

A security vulnerability has been detected in projectworlds Expense Management System 1.0. Affected is an unknown function of the file /public/admin/expensecategories/create of the component Expense Categories Page. Such manipulation leads to cross site scripting. It is possible to launch the...

4.8 CVSS, 0.00034 EPSS
Exploits 1, References 4
Positive Technologies
added 2025/10/27 12:0 a.m., 2 views

PT-2025-43934

Name of the Vulnerable Software and Affected Versions: abhicodebox ModernShop version 20250922. Description: A flaw exists in the processing of the /search file within abhicodebox ModernShop. Manipulation of the q argument can lead to cross site scripting, potentially allowing for remote attacks. Th...

5.3 CVSS, 5.9 AI score, 0.0003 EPSS
Exploits 1, References 7
Packet Storm News
added 2025/10/27 12:0 a.m., 1 views

Secure Control of Connected and Autonomous Electrified Vehicles under Adversarial Cyber-Attacks

Connected and Autonomous Electrified Vehicles (CAEV) is the solution to the future smart mobility having benefits of efficient traffic flow and cleaner environmental impact. Although CAEV has advantages they are still susceptible to adversarial cyber attacks due to their autonomous electric operati...

6.8 AI score
Exploits 0
CNNVD
added 2025/10/27 12:0 a.m., 3 views

LearnHouse Security Vulnerability

LearnHouse is an online learning management system open-sourced by LearnHouse. A security vulnerability exists in LearnHouse 98dfad76aad70711a8113f6c1fdabfccf10509ca and prior versions, which originates in file /api/v1/assignments/assignmentid/tasks/taskid/subfile Improper control of resource...

7.5 CVSS, 4.9 AI score, 0.00047 EPSS
Exploits 1, References 4
Redos
added 2025/10/27 12:0 a.m., 2 views

ROS-20251027-01

Vulnerability in the implementation of application protocols that use the UDP protocol is related to the possibility of spoofing attacks. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by sending specially crafted packets...

7.5 CVSS, 6.7 AI score, 0.01577 EPSS
Exploits 0
Tenable Nessus
added 2025/10/27 12:0 a.m., 5 views

Siemens RUGGEDCOM ROS Devices Use of a Broken or Risky Cryptographic Algorithm (CVE-2025-41223)

The affected devices support the TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 cipher suite, which uses CBC (Cipher Block Chaining) mode that is known to be vulnerable to timing attacks. This could allow an attacker to compromise the integrity and confidentiality of encrypted communications. This plugin only...

8.8 CVSS, 5.4 AI score, 0.00355 EPSS
Exploits 0, References 4
GithubExploit
added 2025/10/26 11:12 p.m., 130 views

web-application-vulnerability-scanner

web-application-vulnerability-scanner A Web Application Vul...

6.9 AI score
Exploits 0
GithubExploit
added 2025/10/26 4:54 p.m., 103 views

sql_injection_analyzer

sql_injection_analyzer This is a comprehensive educational t...

7.9 AI score
Exploits 0
Packet Storm News
added 2025/10/26 12:0 a.m., 3 views

Breaking Agent Backbones: Evaluating the Security of Backbone LLMs in AI Agents

AI agents powered by large language models (LLMs) are being deployed at scale, yet we lack a systematic understanding of how the choice of backbone LLM affects agent security. The non-deterministic sequential nature of AI agents complicates security modeling, while the integration of traditional...

7.3 AI score
Exploits 0
Tenable Nessus
added 2025/10/24 12:0 a.m., 3 views

NewStart CGSL MAIN 7.02 : pam Vulnerability (NS-SA-2025-0252)

The remote NewStart CGSL host, running version MAIN 7.02, has pam packages installed that are affected by a vulnerability: - A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to...

7.8 CVSS, 7.5 AI score, 0.00072 EPSS
Exploits 0, References 3
Packet Storm News
added 2025/10/24 12:0 a.m., 13 views

Jailbreak Mimicry: Automated Discovery of Narrative-Based Jailbreaks for Large Language Models

Large language models (LLMs) remain vulnerable to sophisticated prompt engineering attacks that exploit contextual framing to bypass safety mechanisms, posing significant risks in cybersecurity applications. We introduce Jailbreak Mimicry, a systematic methodology for training compact attacker mode...

7 AI score
Exploits 0
Microsoft Secure
added 2025/10/23 4:0 p.m., 4 views

Harden your identity defense with improved protection, deeper correlation, and richer context

In today’s digital-first enterprise, identities have become the new corporate security perimeter. Hybrid work and cloud-first strategies have dissolved traditional network boundaries and dramatically increased the complexity of identity fabrics. Security teams are left managing a constellation of...

6.4 AI score
Exploits 0
Talos Blog
added 2025/10/23 10:0 a.m., 12 views

IR Trends Q3 2025: ToolShell attacks dominate, highlighting criticality of segmentation and rapid response

Threat actors predominately exploited public-facing applications for initial access this quarter, with this tactic appearing in over 60 percent of Cisco Talos Incident Response (Talos IR) engagements - a notable increase from less than 10 percent last quarter. This spike is largely attributable to ...

9.8 CVSS, 9.7 AI score, 0.88182 EPSS
Exploits 43
Packet Storm News
added 2025/10/23 12:0 a.m., 5 views

Enhancing Security in Deep Reinforcement Learning: A Comprehensive Survey on Adversarial Attacks and Defenses

With the wide application of deep reinforcement learning (DRL) techniques in complex fields such as autonomous driving, intelligent manufacturing, and smart healthcare, how to improve its security and robustness in dynamic and changeable environments has become a core issue in current research...

6.9 AI score
Exploits 0
Packet Storm News
added 2025/10/23 12:0 a.m., 2 views

On the Cybersecurity of LoRaWAN-Based System: A Smart-Lighting Case Study

Cyber-physical systems and the Internet of Things (IoT) are key technologies in the Industry 4.0 vision. They incorporate sensors and actuators to interact with the physical environment. However, when creating and interconnecting components to form a heterogeneous smart systems architecture, these...

6.7 AI score
Exploits 0
CNNVD
added 2025/10/23 12:0 a.m., 3 views

Moodle Security Vulnerability

Moodle is a free e-learning software platform open-sourced by Moodle, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle that stems from mobile and web service authentication endpoints that do not...

7.5 CVSS, 6.7 AI score, 0.00088 EPSS
Exploits 0, References 2
Packet Storm News
added 2025/10/23 12:0 a.m., 4 views

An Experimental Study of Trojan Vulnerabilities in UAV Autonomous Landing

This study investigates the vulnerabilities of autonomous navigation and landing systems in Urban Air Mobility (UAM) vehicles. Specifically, it focuses on Trojan attacks that target deep learning models, such as Convolutional Neural Networks (CNNs). Trojan attacks work by embedding covert triggers...

6.9 AI score
Exploits 0
Packet Storm News
added 2025/10/23 12:0 a.m., 6 views

Beyond Text: Multimodal Jailbreaking of Vision-Language and Audio Models through Perceptually Simple Transformations

Multimodal large language models (MLLMs) have achieved remarkable progress, yet remain critically vulnerable to adversarial attacks that exploit weaknesses in cross-modal processing. We present a systematic study of multimodal jailbreaks targeting both vision-language and audio-language models,...

7.3 AI score
Exploits 0
Microsoft Secure
added 2025/10/22 4:0 p.m., 2 views

The CISO imperative: Building resilience in an era of accelerated cyberthreats

The latest Microsoft Digital Defense Report 2025 paints a vivid picture of a cyberthreat landscape in flux. The surge in financially motivated cyberattacks and the persistent risk of nation-state actors demand urgent attention. But for those of us in the Office of the Chief Information Security...

7.4 AI score
Exploits 0