Leveraging Code Cohesion Analysis to Identify Source Code Supply Chain Attacks
Supply chain attacks significantly threaten software security with malicious code injections within legitimate projects. Such attacks are very rare but may have a devastating impact. Detecting spurious code injections using automated tools is further complicated as it often requires deciphering t...
CVE-2025-61330
A hard-coded weak password vulnerability has been discovered in all Magic-branded devices from Chinese network equipment manufacturer H3C. The vulnerability stems from the use of a hard-coded weak password for the root account in the /etc/shadow configuration or even the absence of any password a...
Chinese Threat Group 'Jewelbug' Quietly Infiltrated Russian IT Network for Months
A threat actor with ties to China has been attributed to a five-month-long intrusion targeting a Russian IT service provider, marking the hacking group's expansion to the country beyond Southeast Asia and South America. The activity, which took place from January to May 2025, has been attributed ...
How Attackers Bypass Synced Passkeys
TLDR Even if you take nothing else away from this piece, if your organization is evaluating passkey deployments, it is insecure to deploy synced passkeys. Synced passkeys inherit the risk of the cloud accounts and recovery processes that protect them, which creates material enterprise exposure...
Infrastructure Patterns in Toll Scam Domains: A Comprehensive Analysis of Cybercriminal Registration and Hosting Strategies
Toll scams involve criminals registering fake domains that pretend to be legitimate transportation agencies to trick users into making fraudulent payments. Although these scams are rapidly increasing and causing significant harm, they have not been extensively studied. We present the first...
GRIDAI: Generating and Repairing Intrusion Detection Rules Via Collaboration among Multiple LLM-Based Agents
Rule-based network intrusion detection systems play a crucial role in the real-time detection of Web attacks. However, most existing works primarily focus on automatically generating detection rules for new attacks, often overlooking the relationships between new attacks and existing rules, which...
Securing U.S. Critical Infrastructure: Lessons from Stuxnet and the Ukraine Power Grid Attacks
Industrial Control Systems (ICS) underpin the United States' critical infrastructure, managing essential services such as power, water, and transportation that are vital to national security and public safety. However, increasing digital integration has exposed these systems to escalating cyber...
Microsoft Exchange Server Input Validation Error Vulnerability
Microsoft Exchange Server is an e-mail server program from Microsoft Corporation (USA). It provides e-mail access, storage, forwarding, voice mail, and e-mail filtering and screening. A spoofing vulnerability exists in Microsoft Exchange Server, which can be exploited by attackers...
Microsoft Playwright Data Forgery Issue Vulnerability
Microsoft Playwright is an automation framework from Microsoft Corporation (USA). Microsoft Playwright suffers from a data forgery vulnerability, which can be exploited by an attacker to perform spoofing attacks...
Microsoft NTLM Information Disclosure Vulnerability
Microsoft NTLM is an authentication protocol from Microsoft (USA), used on networks that include systems running the Windows operating system as well as on standalone systems. An information disclosure vulnerability exists in Microsoft NTLM, which can be exploited by an attacker to perform spoofing attacks...
Microsoft Data Sharing Service Race Condition Issue Vulnerability
Microsoft Data Sharing Service is a built-in data sharing service component of the Windows operating system from Microsoft Corporation (USA). A race condition vulnerability exists in Microsoft Data Sharing Service, which can be exploited by an attacker to perform spoofing attacks...
Microsoft Windows File Explorer Information Disclosure Vulnerability
Microsoft Windows File Explorer is a file manager application from Microsoft Corporation USA. An information disclosure vulnerability exists in Microsoft Windows File Explorer, which can be exploited by an attacker to perform spoofing attacks...
Mozilla Firefox Security Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a spoofing vulnerability, which is caused by a response to a visibilitychange event. An attacker can exploit this vulnerability to conduct spoofing attacks...
DeepTrust: Multi-Step Classification through Dissimilar Adversarial Representations for Robust Android Malware Detection
Over the last decade, machine learning has been extensively applied to identify malicious Android applications. However, such approaches remain vulnerable against adversarial examples, i.e., examples that are subtly manipulated to fool a machine learning model into making incorrect predictions...
Microsoft Windows Security Vulnerability
Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation. A security vulnerability exists in Microsoft Windows, which can be exploited by attackers to perform spoofing attacks...
Microsoft Windows File Explorer Information Disclosure Vulnerability
Microsoft Windows File Explorer is a file manager application from Microsoft Corporation USA. An information disclosure vulnerability exists in Microsoft Windows File Explorer, which can be exploited by an attacker to perform spoofing attacks...
OpenAI’s Guardrails Can Be Bypassed by Simple Prompt Injection Attack
Just weeks after its release, OpenAI’s Guardrails system was quickly bypassed by researchers. Read how simple prompt injection attacks fooled the system’s AI judges and exposed an ongoing security concern for OpenAI...
Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk
Think your WAF has you covered? Think again. This holiday season, unmonitored JavaScript is a critical oversight allowing attackers to steal payment data while your WAF and intrusion detection systems see nothing. With the 2025 shopping season weeks away, visibility gaps must close now. Get the...
EUVD-2025-33967
Ericsson Network Manager versions prior to ENM 25.2 GA contain a vulnerability that, if exploited, can exfiltrate limited data or redirect victims to other sites or domains...
CVE-2025-31995 HCL Unica MaxAI Workbench is vulnerable to improper input validation
HCL Unica MaxAI Workbench is vulnerable to improper input validation. This allows attackers to exploit vulnerabilities such as SQL Injection, XSS, or command injection, leading to unauthorized access or data breaches, etc...