1078 matches found
CVE-2023-30961
Palantir Gotham was found to be vulnerable to a bug where under certain circumstances, the frontend could have applied an incorrect classification to a newly created property or link...
CVE-2023-3465
A vulnerability was found in SimplePHPscripts Classified Ads Script 1.8. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file user.php of the component HTTP POST Request Handler. The manipulation of the argument title leads to cross site...
CVE-2021-43708
The Labeling tool in Titus Classification Suite 18.8.1910.140 allows users to avoid the generation of a classification label by using Excel's safe mode...
WordPress ReDi Restaurant Reservation plugin <= 24.1209 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting (XSS) vulnerability discovered by Ryan Novotny in WordPress Plugin ReDi Restaurant Reservation versions <= 24.1209...
CVE-2019-20634
An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from Proofpoint email headers, it is possible to build a copy-cat Machine Learning Classification model and extract insights from this model. The insights gathered allow an attacker to craft emails tha...
Wiz Data Foundations: Data Classification
A closer look at Wiz’s data classification engine — including our new Novel Classifiers...
A Systematic Review and Taxonomy for Privacy Breach Classification: Trends, Gaps, and Future Directions
In response to the rising frequency and complexity of data breaches and evolving global privacy regulations, this study presents a comprehensive examination of academic literature on the classification of privacy breaches and violations between 2010-2024. Through a systematic literature review, a...
MalVis: a Large-Scale Image-Based Framework and Dataset for Advancing Android Malware Classification
As technology advances, Android malware continues to pose significant threats to devices and sensitive data. The open-source nature of the Android OS and the availability of its SDK contribute to this rapid growth. Traditional malware detection techniques, such as signature-based, static, and...
Top 10 Best Practices for Effective Data Protection
Data is the lifeblood of productivity, and protecting sensitive data is more critical than ever. With cyber threats evolving rapidly and data privacy regulations tightening, organizations must stay vigilant and proactive to safeguard their most valuable assets. But how do you build an effective...
WordPress File Manager Advanced Shortcode PRO plugin <= 2.5.6 - Authenticated (Administrator+) Local JavaScript File Inclusion via Shortcode vulnerability
Authenticated (Administrator+) Local JavaScript File Inclusion via Shortcode vulnerability discovered by TANG Cheuk Hei siunam in WordPress Plugin File Manager Advanced Shortcode PRO versions <= 2.5.6...
Cutting through Privacy: a Hyperplane-Based Data Reconstruction Attack in Federated Learning
Federated Learning (FL) enables collaborative training of machine learning models across distributed clients without sharing raw data, ostensibly preserving data privacy. Nevertheless, recent studies have revealed critical vulnerabilities in FL, showing that a malicious central server can manipulat...
CVE-2025-29837
Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally...
WordPress Progress Bar plugin <= 2.2.3 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting (XSS) Vulnerability discovered by muhammad yudha in WordPress Plugin Progress Bar versions <= 2.2.3...
Exploit for CVE-2025-1974
CVE-2025-1974 IngressNightmare poc IngressNightmare Script...
LLMs' Suitability for Network Security: a Case Study of STRIDE Threat Modeling
Artificial Intelligence (AI) is expected to be an integral part of next-generation AI-native 6G networks. With the prevalence of AI, researchers have identified numerous use cases of AI in network security. However, there are almost nonexistent studies that analyze the suitability of Large Language...
Federal Data, Meet your New Bodyguard: DSPM joins Wiz for Government
Wiz is excited to bring Data Security Posture Management (DSPM) into our FedRAMP authorized offering. DSPM enables organizations requiring FedRAMP to automate classification, policy enforcement, and continuous monitoring for their sensitive cloud data...
InsightIDR AI Alert Triage Automatically Classifies Alerts with 99.93% Accuracy
Rapid7 AI Alert Triage helps SOC analysts quickly and accurately triage thousands of daily alerts, improving efficiency and enabling focus. One universal truth in Security Operations Centers (SOCs) is that analysts are overwhelmed by the high volume of alerts they receive. In a recent survey, SOC...
Security Bulletin: Potential Oracle Outside In Technology Vulnerabilities Exposed in ECM Products (CVE-2011-2264, CVE-2011-0794, and CVE-2011-0808)
Question: Oracle Outside In Technology contains exploitable vulnerabilities in the CorelDRAW (CVE-2011-2264) file parser, the File ID SDK (CVE-2011-0794), and file filters (CVE-2011-0808). Each of these vulnerabilities may allow a remote, unauthenticated user to execute arbitrary code on a vulnerable...
Quantifying the Noise of Structural Perturbations on Graph Adversarial Attacks
Graph neural networks have been widely utilized to solve graph-related tasks because of their strong learning power in utilizing the local information of neighbors. However, recent studies on graph adversarial attacks have proven that current graph neural networks are not robust against malicious...
A Cryptographic Perspective on Mitigation Vs. Detection in Machine Learning
In this paper, we initiate a cryptographically inspired theoretical study of detection versus mitigation of adversarial inputs produced by attackers of Machine Learning algorithms during inference time. We formally define defense by detection (DbD) and defense by mitigation (DbM). Our definitions com...