CVE-2025-6942

Affected product: Delinea Secret Server distributed engine. Versions 8.4.39.0 and earlier (within Secret Server 11.7.49 and earlier) are vulnerable. Root cause: insufficient validation during the initial authorization event, enabling impersonation of another distributed engine. Impact: attacker c...

HexaMorphHash HMH - Homomorphic Hashing for Secure and Efficient Cryptographic Operations in Data Integrity Verification

In the realm of big data and cloud computing, distributed systems are tasked with proficiently managing, storing, and validating extensive datasets across numerous nodes, all while maintaining robust data integrity. Conventional hashing methods, though straightforward, encounter substan tial...

U.S. Agencies Warn of Rising Iranian Cyber Attacks on Defense, OT Networks, and Critical Infrastructure

U.S. cybersecurity and intelligence agencies have issued a joint advisory warning of potential cyber attacks from Iranian state-sponsored or affiliated threat actors. "Over the past several months, there has been increasing activity from hacktivists and Iranian government-affiliated actors, which...

[SECURITY] Fedora 42 Update: salt-3007.4-4.fc42

Salt is a distributed remote execution system used to execute commands and query data. It was developed in order to bring the best solutions found in the world of remote execution together and make them better, faster and more malleable. Salt accomplishes this via its ability to handle larger loa...

IDGraphs: Intrusion Detection and Analysis Using Stream Compositing

Traffic anomalies and attacks are commonplace in today's networks and identifying them rapidly and accurately is critical for large network operators. For a statistical intrusion detection system IDS, it is crucial to detect at the flow-level for accurate detection and mitigation. However, existi...

CodeGuard: a Generalized and Stealthy Backdoor Watermarking for Generative Code Models

Generative code models GCMs significantly enhance development efficiency through automated code generation and code summarization. However, building and training these models require computational resources and time, necessitating effective digital copyright protection to prevent unauthorized lea...

Yotta: a Large-Scale Trustless Data Trading Scheme for Blockchain System

Data trading is one of the key focuses of Web 3.0. However, all the current methods that rely on blockchain-based smart contracts for data exchange cannot support large-scale data trading while ensuring data security, which falls short of fulfilling the spirit of Web 3.0. Even worse, there is...

DHS Warns Pro-Iranian Hackers Likely to Target U.S. Networks After Iranian Nuclear Strikes

The United States government has warned of cyber attacks mounted by pro-Iranian groups after it launched airstrikes on Iranian nuclear sites as part of the Iran–Israel war that commenced on June 13, 2025. Stating that the ongoing conflict has created a "heightened threat environment" in the...

Privacy-Preserving and Reward-Based Mechanisms of Proof of Engagement

Proof-of-Attendance PoA mechanisms are typically employed to demonstrate a specific user's participation in an event, whether virtual or in-person. The goal of this study is to extend such mechanisms to broader contexts where the user wishes to digitally demonstrate her involvement in a specific...

When Forgetting Triggers Backdoors: a Clean Unlearning Attack

Machine unlearning has emerged as a key component in ensuring Right to be Forgotten, enabling the removal of specific data points from trained models. However, even when the unlearning is performed without poisoning the forget-set clean unlearning, it can be exploited for stealthy attacks that...

A Retrospective on DISPEED -- Leveraging Heterogeneity in a Drone Swarm for IDS Execution

Swarms of drones are gaining more and more autonomy and efficiency during their missions. However, security threats can disrupt their missions' progression. To overcome this problem, Network Intrusion Detection Systems NIDS are promising solutions to detect malicious behavior on network traffic...

Generalization under Byzantine and Poisoning Attacks: Tight Stability Bounds in Robust Distributed Learning

Whitepaper called Generalization Under Byzantine and Poisoning Attacks: Tight Stability Bounds In Robust Distributed Learning...

Centre Driven Controlled Evolution of Wireless Virtual Networks Based on Broadcast Tokens

In a wireless sensor network, the virtual connectivity between nodes is a function of the keys shared between various nodes. Pre-embedding these key configurations in the nodes would make the network inflexible. On the other hand, permitting subsets of nodes to engage in a common key synthesis...

AndroIDS : Android-Based Intrusion Detection System Using Federated Learning

The exponential growth of android-based mobile IoT systems has significantly increased the susceptibility of devices to cyberattacks, particularly in smart homes, UAVs, and other connected mobile environments. This article presents a federated learning-based intrusion detection framework called...

SAFER-D: a Self-Adaptive Security Framework for Distributed Computing Architectures

The rise of the Internet of Things and Cyber-Physical Systems has introduced new challenges on ensuring secure and robust communication. The growing number of connected devices increases network complexity, leading to higher latency and traffic. Distributed computing architectures DCAs have gaine...

candid-extractor (>=0.1.0 <=0.1.2), debug-engine (>=0.1.0 <=0.1.1) +69 more potentially affected by unknown CVE via wasmtime-jit-debug (>=0.35.0 <=1.0.2)

wasmtime-jit-debug CARGO version =0.35.0, =0.1.0, =0.1.0, =0.1.3, =0.4.0, =0.4.0, =0.5.0, =0.0.1-alpha, =0.0.6, =0.11.0, =0.9.0, =0.9.0, =0.9.0, =0.10.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-9GHP-W2HM-VFPF...

CVE-2025-33053

Summary of CVE-2025-33053 : A vulnerability in Windows WebDAV/Internet Shortcut handling allows remote code execution when a vulnerable host opens a crafted .url file that points to a WebDAV share. Exploitation relies on the WebClient service resolving UNC paths via WebDAV and may trigger arbitra...

Description of the security update for SharePoint Server 2019: June 10, 2025 (KB5002729)

Description of the security update for SharePoint Server 2019: June 10, 2025 KB5002729 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft Word remote code execution vulnerability. To learn more about the vulnerabilities, see the...

Internet Shortcut Files Remote Code Execution Vulnerability

External control of file name or path in Internet Shortcut Files allows an unauthorized attacker to execute code over a network...

Microsoft Windows External Control of File Name or Path Vulnerability

Microsoft Windows contains an external control of file name or path vulnerability that could allow an attacker to execute code from a remote WebDAV location specified by the WorkingDirectory attribute of Internet Shortcut files...