ChatGPT Deep Research zero-click vulnerability fixed by OpenAI

OpenAI has moved quickly to patch a vulnerability known as “ShadowLeak” before anyone detected real-world abuse. Revealed by researchers yesterday, ShadowLeak was an issue in OpenAI’s Deep Research project that attackers could exploit by simply sending an email to the target. Deep Research was...

EulerOS Virtualization 2.13.1 : expat (EulerOS-SA-2025-2156)

According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents...

Hierarchical Deep Fusion Framework for Multi-Dimensional Facial Forgery Detection - the 2024 Global Deepfake Image Detection Challenge

The proliferation of sophisticated deepfake technology poses significant challenges to digital security and authenticity. Detecting these forgeries, especially across a wide spectrum of manipulation techniques, requires robust and generalized models. This paper introduces the Hierarchical Deep...

A Practical Adversarial Attack against Sequence-Based Deep Learning Malware Classifiers

Sequence-based deep learning models e.g., RNNs, can detect malware by analyzing its behavioral sequences. Meanwhile, these models are susceptible to adversarial attacks. Attackers can create adversarial samples that alter the sequence characteristics of behavior sequences to deceive malware...

Cyber Attack Mitigation Framework for Denial of Service (DoS) Attacks in Fog Computing

Innovative solutions to cyber security issues are shaped by the ever-changing landscape of cyber threats. Automating the mitigation of these threats can be achieved through a new methodology that addresses the domain of mitigation automation, which is often overlooked. This literature overview...

pentest_compilation

It is an offensive tool for Windows. The repository contains a compilation of commands, tips, and scripts used for penetration testing and red teaming exercises. The provided code snippet is an XML file named "detalle.SettingContent-ms" located in the "Phishing" directory. This file appears to be...

Your Compiler Is Backdooring Your Model: Understanding and Exploiting Compilation Inconsistency Vulnerabilities in Deep Learning Compilers

Deep learning DL compilers are core infrastructure in modern DL systems, offering flexibility and scalability beyond vendor-specific libraries. This work uncovers a fundamental vulnerability in their design: can an official, unmodified compiler alter a model's semantics during compilation and...

EulerOS 2.0 SP12 : polkit (EulerOS-SA-2025-2021)

According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This...

CVE-2025-57806

Local Deep Research is an AI-powered research assistant for deep, iterative research. Versions 0.2.0 through 0.6.7 stored confidential information, including API keys, in a local SQLite database without encryption. This behavior was not clearly documented outside of the database architecture page...

A stack consumption issue in sqfs_size in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with deep symlink nesting.

...

NVIDIA DGX和NVIDIA HGX 安全漏洞

NVIDIA DGX and NVIDIA HGX are both products of NVIDIA Corporation, U.S.A. NVIDIA DGX is a high-performance workstation for deep learning applications.NVIDIA HGX is a modular GPU acceleration platform. A security vulnerability exists in NVIDIA DGX and NVIDIA HGX that stems from an improperly...

Cleartext Storage of Sensitive Information

Overview local-deep-research is an AI-powered research assistant with deep, iterative analysis using LLMs and web searches Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information in a local SQLite database. An attacker can access sensitive information,...

Local Deep Research 安全漏洞

Local Deep Research is an AI search assistant open-sourced by LearningCircuit. A security vulnerability exists in Local Deep Research 0.6.7 and earlier versions, which stems from unencrypted storage of sensitive information such as API keys, and could lead to a data leak...

Forecasting Future DDoS Attacks Using Long Short Term Memory (LSTM) Model

This paper forecasts future Distributed Denial of Service DDoS attacks using deep learning models. Although several studies address forecasting DDoS attacks, they remain relatively limited compared to detection-focused research. By studying the current trends and forecasting based on newer and...

Linux Distros Unpatched Vulnerability : CVE-2022-42321

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations e.g. for deleting a sub-tree of Xenstore...

Linux Distros Unpatched Vulnerability : CVE-2018-3719

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mixin-deep node module before 1.3.1 suffers from a Modification of Assumed-Immutable Data MAID vulnerability, which allows a malicious user to modify the...

CLSA-2025-1756305640 nodejs: Fix of CVE-2024-28863

CVE-2024-28863: prevent extraction in excessively deep sub-folders to address unlimited sub-folders vulnerability...

Alibaba Cloud Linux 3 : 0144: pki-deps:10.6 (ALINUX3-SA-2025:0144)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0144 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-52999: jackson-core contains core low-leve...

DRMD: Deep Reinforcement Learning for Malware Detection under Concept Drift

Malware detection in real-world settings must deal with evolving threats, limited labeling budgets, and uncertain predictions. Traditional classifiers, without additional mechanisms, struggle to maintain performance under concept drift in malware domains, as their supervised learning formulation...

CVE-2025-5302

A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...