Scoring the Unscorables: Cyber Risk Assessment beyond Internet Scans

In this paper we present a study on using novel data types to perform cyber risk quantification by estimating the likelihood of a data breach. We demonstrate that it is feasible to build a highly accurate cyber risk assessment model using public and readily available technology signatures obtaine...

A Geometric Square-Based Approach to RSA Integer Factorization

We present a new approach to RSA factorization inspired by geometric interpretations and square differences. This method reformulates the problem in terms of the distance between perfect squares and provides a recurrence relation that allows rapid convergence when the RSA modulus has closely spac...

Browser Fingerprinting Using WebAssembly

Web client fingerprinting has become a widely used technique for uniquely identifying users, browsers, operating systems, and devices with high accuracy. While it is beneficial for applications such as fraud detection and personalized experiences, it also raises privacy concerns by enabling...

PYSEC-2025-53

vLLM is an inference and serving engine for large language models LLMs. Prior to version 0.9.0, when a new prompt is processed, if the PageAttention mechanism finds a matching prefix chunk, the prefill process speeds up, which is reflected in the TTFT Time to First Token. These timing differences...

GHSA-4QJH-9FV9-R85R Potential Timing Side-Channel Vulnerability in vLLM’s Chunk-Based Prefix Caching

This issue arises from the prefix caching mechanism, which may expose the system to a timing side-channel attack. Description When a new prompt is processed, if the PageAttention mechanism finds a matching prefix chunk, the prefill process speeds up, which is reflected in the TTFT Time to First...

CVE-2025-40653 User enumeration in M3M Printer Server Web

User enumeration vulnerability in M3M Printer Server Web. This issue occurs during user authentication, where a difference in error messages could allow an attacker to determine whether a username is valid or not, allowing a brute force attack on valid usernames...

Verifiably Forgotten? Gradient Differences Still Enable Data Reconstruction in Federated Unlearning

Federated Unlearning FU has emerged as a critical compliance mechanism for data privacy regulations, requiring unlearned clients to provide verifiable Proof of Federated Unlearning PoFU to auditors upon data removal requests. However, we uncover a significant privacy vulnerability: when gradient...

Managerial Insights on Investment Strategy in Cybersecurity: Findings from Multi-Country Research

This study examines the strategic role of cybersecurity based on survey data from 1,083 managers across Europe, the UK, and the United States. The findings indicate growing recognition of cybersecurity as a source of competitive advantage, although firms continue to face barriers such as limited...

python: cpython: URL parser allowed square brackets in domain names

A flaw was found in Python. The Python standard library functions urllib.parse.urlsplit and urlparse accept domain names that included square brackets, which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs...

A Numerical Gradient Inversion Attack in Variational Quantum Neural-Networks

The loss landscape of Variational Quantum Neural Networks VQNNs is characterized by local minima that grow exponentially with increasing qubits. Because of this, it is more challenging to recover information from model gradients during training compared to classical Neural Networks NNs. In this...

The Dark Side of the Web: Towards Understanding Various Data Sources in Cyber Threat Intelligence

Cyber threats have become increasingly prevalent and sophisticated. Prior work has extracted actionable cyber threat intelligence CTI, such as indicators of compromise, tactics, techniques, and procedures TTPs, or threat feeds from various sources: open source data e.g., social networks, internal...

Zabbix 5.x < 5.0.46rc1 / 6.x < 6.0.38rc1 / 7.0.x < 7.0.9rc1 / 7.2.x < 7.2.3rc1 User Enumeration (ZBX-26255)

The version of Zabbix installed on the remote host affected by a user enumeration vulnerability. Execution time for an unsuccessful login differs when using a non-existing username compared to using an existing one. Note that Nessus has not tested for this issue but has instead relied only on the...

Timing attacks to guess password in lollms_authentication.py

Description The authenticateuser function in /server/endpoints/lollmsauthentication.py is vulnerable to timing attacks that can be exploited to: Enumerate valid usernames. Guess passwords incrementally by analyzing response time differences. Explanation of the vulnerability def...

Is Security Human Factors Research Skewed Towards Western Ideas and Habits?

Really interesting research: "How WEIRD is Usable Privacy and Security Research?" by Ayako A. Hasegawa Daisuke Inoue, and Mitsuaki Akiyama: Abstract : In human factor fields such as human-computer interaction HCI and psychology, researchers have been concerned that participants mostly come from...

Linux Landlock Disable

A logic bug was discovered in Linux that makes it possible for a process to get rid of all Landlock restrictions applied to it. I found a logic bug that makes it possible for a process to get rid of all Landlock restrictions applied to it: When a process' cred struct is replaced, this almost alwa...

DEBIAN-CVE-2025-25292

ruby-saml provides security assertion markup language SAML single sign-on SSO for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently, the parsers can generate entirely...

DEBIAN-CVE-2025-25291

ruby-saml provides security assertion markup language SAML single sign-on SSO for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently; the parsers can generate entirely...

UBUNTU-CVE-2025-25292

ruby-saml provides security assertion markup language SAML single sign-on SSO for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently, the parsers can generate entirely...

RUSTSEC-2025-0149 World Writable Directory in /var/log/below Allows Local Privilege Escalation

Below is a tool for recording and displaying system data like hardware utilization and cgroup information on Linux. Symlink Attack in /var/log/below/errorroot.log Below's systemd service runs with full root privileges. It attempts to create a world-writable directory in /var/log/below. Even if th...

World Writable Directory in /var/log/below Allows Local Privilege Escalation

Below is a tool for recording and displaying system data like hardware utilization and cgroup information on Linux. Symlink Attack in /var/log/below/errorroot.log Below's systemd service runs with full root privileges. It attempts to create a world-writable directory in /var/log/below. Even if th...