1078 matches found
UBUNTU-CVE-2025-59437
The ip (aka node-ip) package through 2.0.1 in NPM might allow SSRF because the IP address value 0 is improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2024-29415. NOTE: in current versions of several applications, connection...
A Comparison of Selected Image Transformation Techniques for Malware Classification
Recently, a considerable amount of malware research has focused on the use of powerful image-based machine learning techniques, which generally yield impressive results. However, before image-based techniques can be applied to malware, the samples must be converted to images, and there is no...
Malicious code in image_classification (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 33e5c05f2c70291fde5a4ace56b3aa015c8c407695c02395a9a4336285e964a3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview: imageclassification is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2025-47017 Malicious code in image_classification (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 33e5c05f2c70291fde5a4ace56b3aa015c8c407695c02395a9a4336285e964a3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Signal-Based Malware Classification Using 1D CNNs
Malware classification is a contemporary and ongoing challenge in cyber-security: modern obfuscation techniques are able to evade traditional static analysis, while dynamic analysis is too resource intensive to be deployed at a large scale. One prominent line of research addresses these limitatio...
Contrastive Self-Supervised Network Intrusion Detection Using Augmented Negative Pairs
Network intrusion detection remains a critical challenge in cybersecurity. While supervised machine learning models achieve state-of-the-art performance, their reliance on large labelled datasets makes them impractical for many real-world applications. Anomaly detection methods, which train...
Human-Written Vs. AI-Generated Code: a Large-Scale Study of Defects, Vulnerabilities, and Complexity
As AI code assistants become increasingly integrated into software development workflows, understanding how their code compares to human-written programs is critical for ensuring reliability, maintainability, and security. In this paper, we present a large-scale comparison of code authored by hum...
Non-Omniscient Backdoor Injection with a Single Poison Sample: Proving the One-Poison Hypothesis for Linear Regression and Linear Classification
Backdoor injection attacks are a threat to machine learning models that are trained on large data collected from untrusted sources; these attacks enable attackers to inject malicious behavior into the model that can be triggered by specially crafted inputs. Prior work has established bounds on th...
CVE-2025-46389
CWE-620: Unverified Password Change...
Microsoft Launches Project Ire to Autonomously Classify Malware Using AI Tools
Microsoft on Tuesday announced an autonomous artificial intelligence (AI) agent that can analyze and classify software without assistance in an effort to advance malware detection efforts. The large language model (LLM)-powered autonomous malware classification system, currently a prototype, has been...
Leveraging Large Language Models for SQL Behavior-Based Database Intrusion Detection
Database systems are extensively used to store critical data across various domains. However, the frequency of abnormal database access behaviors, such as database intrusion by internal and external attacks, continues to rise. Internal masqueraders often have greater organizational knowledge,...
CVE-2025-8498
A security vulnerability has been detected in code-projects Online Medicine Guide 1.0. This vulnerability affects unknown code of the file /cart/index.php. Such manipulation of the argument uname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly...
Malicious code in napari-flowering-apple-tree-pixel-classification (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Pulse-Level Simulation of Crosstalk Attacks on Superconducting Quantum Hardware
Hardware crosstalk in multi-tenant superconducting quantum computers poses a severe security threat, allowing adversaries to induce targeted errors across tenant boundaries by injecting carefully engineered pulses. We present a simulation-based study of active crosstalk attacks at the pulse level...
SynthCTI: LLM-Driven Synthetic CTI Generation to Enhance MITRE Technique Mapping
Cyber Threat Intelligence (CTI) mining involves extracting structured insights from unstructured threat data, enabling organizations to understand and respond to evolving adversarial behavior. A key task in CTI mining is mapping threat descriptions to MITRE ATT&CK techniques. However, this process...
Adversarial Attacks to Image Classification Systems Using Evolutionary Algorithms
Image classification currently faces significant security challenges due to adversarial attacks, which consist of intentional alterations designed to deceive classification models based on artificial intelligence. This article explores an approach to generate adversarial attacks against image...
Safeguarding Federated Learning-Based Road Condition Classification
Federated Learning (FL) has emerged as a promising solution for privacy-preserving autonomous driving, specifically camera-based Road Condition Classification (RCC) systems, harnessing distributed sensing, computing, and communication resources on board vehicles without sharing sensitive image data...
Hashed Watermark As a Filter: Defeating Forging and Overwriting Attacks in Weight-Based Neural Network Watermarking
As valuable digital assets, deep neural networks necessitate robust ownership protection, positioning neural network watermarking (NNW) as a promising solution. Among various NNW approaches, weight-based methods are favored for their simplicity and practicality; however, they remain vulnerable to...
Contrastive-KAN: a Semi-Supervised Intrusion Detection Framework for Cybersecurity with Scarce Labeled Data
In the era of the Fourth Industrial Revolution, cybersecurity and intrusion detection systems are vital for the secure and reliable operation of IoT and IIoT environments. A key challenge in this domain is the scarcity of labeled cyber-attack data, as most industrial systems operate under normal...