SD-CGAN: Conditional Sinkhorn Divergence GAN for DDoS Anomaly Detection in IoT Networks

The increasing complexity of IoT edge networks presents significant challenges for anomaly detection, particularly in identifying sophisticated Denial-of-Service DoS attacks and zero-day exploits under highly dynamic and imbalanced traffic conditions. This paper proposes SD-CGAN, a Conditional...

PT-2025-48296

Name of the Vulnerable Software and Affected Versions versions prior to 2025-58310 Description A permission control issue exists in the distributed component. Successful exploitation could compromise service confidentiality. Recommendations At the moment, there is no information about a newer...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in Huawei HarmonyOS, which arises from improper privilege control of distributed components and can be exploited by ...

Apache Kvrocks 安全漏洞

Apache Kvrocks is a distributed key-value NoSQL database from the Apache USA Foundation. Apache Kvrocks suffers from an elevation of privilege vulnerability that is caused by improper privilege management in the RESET command. An attacker can exploit this vulnerability to gain administrator...

CVE-2025-59390

Apache Druid’s Kerberos authenticator uses a weak fallback secret when the druid.auth.authenticator.kerberos.cookieSignatureSecret configuration is not explicitly set. In this case, the secret is generated using ThreadLocalRandom, which is not a crypto-graphically secure random number generator...

Digital Twin-Driven Secure Access Strategy for SAGIN-Enabled IoT Networks

In space-air-ground integrated networks SAGIN-enabled IoT networks, secure access has become a significant challenge due to the increasing risks of eavesdropping attacks. To address these threats to data confidentiality, this paper proposes a Digital Twin DT-driven secure access strategy. The...

PT-2025-48133

Name of the Vulnerable Software and Affected Versions Apache Druid versions prior to 35.0.0 Description The Apache Druid Kerberos authenticator uses a weak fallback secret when the druid.auth.authenticator.kerberos.cookieSignatureSecret configuration is not explicitly set. The secret is generated...

USN-7887-2: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

Aggregated Rate Limiting Defends Against Large-Scale and DDoS Attacks

Discover how Akamai’s new aggregated rate limiting strengthens defenses against large-scale, distributed DDoS attacks, and API abuse with smarter detection...

Distributed Edge Inference Changes Everything

...

SUSE-SU-2025:4149-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. - CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc124985...

Hiding in the AI Traffic: Abusing MCP for LLM-Powered Agentic Red Teaming

Generative AI is reshaping offensive cybersecurity by enabling autonomous red team agents that can plan, execute, and adapt during penetration tests. However, existing approaches face trade-offs between generality and specialization, and practical deployments reveal challenges such as...

Scalable Hierarchical AI-Blockchain Framework for Real-Time Anomaly Detection in Large-Scale Autonomous Vehicle Networks

The security of autonomous vehicle networks is facing major challenges, owing to the complexity of sensor integration, real-time performance demands, and distributed communication protocols that expose vast attack surfaces around both individual and network-wide safety. Existing security schemes...

NVIDIA Megatron-LM 代码注入漏洞

NVIDIA Megatron-LM is a PyTorch-based distributed training framework from NVIDIA that is specifically designed for training large Transformer language models. NVIDIA Megatron-LM suffers from a code injection vulnerability that stems from scripts improperly handling malicious data, which could lea...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988852)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988852 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: don't use devres for mdiobus As explained in commits: 74b6d7d13307 net: dsa:...

Federated Cyber Defense: Privacy-Preserving Ransomware Detection across Distributed Systems

Detecting malware, especially ransomware, is essential to securing today's interconnected ecosystems, including cloud storage, enterprise file-sharing, and database services. Training high-performing artificial intelligence AI detectors requires diverse datasets, which are often distributed acros...

NextChat 安全漏洞

NextChat is a NextChat open source project for rapid deployment of private ChatGPT web applications. A security vulnerability exists in NextChat 2.16.0 and earlier versions, which stems from a WebDAV proxy failing to normalize or reject point path segments in its wildcard routes, which could lead...

CVE-2025-39663

Cross-Site Scripting XSS vulnerability in Checkmk's distributed monitoring allows a compromised remote site to inject malicious HTML code into service outputs in the central site. Affecting Checkmk before 2.4.0p14, 2.3.0p39, 2.2.0 and 2.1.0 eol...

cifs: parse_dfs_referrals: prevent oob on malformed input

...

CVE-2025-39663

CVE-2025-39663: XSS in Checkmk’s distributed monitoring allows a compromised remote site to inject malicious HTML into service outputs at the central site. Affected versions: Checkmk older than 2.4.0p14, 2.3.0p39, 2.2.0, and 2.1.0 (eol). Root cause: cross-site scripting via trusted/compromised re...