5429 matches found

OSV
added 2025/11/14 2:45 p.m., 18 views

HSEC-2023-0013 git-annex plaintext storage of embedded credentials on encrypted remotes

git-annex had a bug in the S3 and Glacier remotes where if embedcreds=yes was set, and the remote used encryption=pubkey or encryption=hybrid, the embedded AWS credentials were stored in the Git repository in effectively...

CVSS 7.5 | AI score 6.2 | EPSS 0.00042
Exploits: 0 | References: 2

OSV
added 2025/11/14 2:45 p.m., 9 views

HSEC-2023-0012 git-annex checksum exposure to encrypted special remotes

A bug exposed the checksum of annexed files to encrypted special remotes, which are not supposed to have access to the checksum of the un-encrypted file. This only occurred when resuming uploads to the encrypted special remote, so it is...

AI score 7
Exploits: 0 | References: 2

OSV
added 2025/11/14 2:45 p.m., 25 views

HSEC-2023-0011 git-annex GPG decryption attack via compromised remote

A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's GPG key. This attack could be used to expose encrypted data that was never stored in git-annex. Daniel Dent discovered this...

CVSS 7.5 | AI score 7.6 | EPSS 0.00501
Exploits: 0 | References: 1

The Hacker News
added 2025/11/12 8:35 a.m., 7 views

Google Launches 'Private AI Compute' — Secure AI Processing with On-Device-Level Privacy

Google on Tuesday unveiled a new privacy-enhancing technology called Private AI Compute to process artificial intelligence (AI) queries in a secure platform in the cloud. The company said it has built Private AI Compute to "unlock the full speed and power of Gemini cloud models for AI experiences,...

AI score 7
Exploits: 0

CVE
added 2025/11/12 12:0 a.m., 12 views

CVE-2025-63289

CVE-2025-63289 affects the Sogexia Android App: Compile Affected SDK v35, Max SDK 32, with a fix in v36. The vulnerability arises from hardcoded encryption keys in the encryption_helper.dart file, which could impact data confidentiality and integrity. Remediation: update to SDK version 36 (or the...

CVSS 9.1 | AI score 6.8 | EPSS 0.0003
Exploits: 0 | References: 2 | Affected Software: 1

The Hacker News
added 2025/11/11 3:44 p.m., 4 views

GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites

The malware known as GootLoader has resurfaced yet again after a brief spike in activity earlier this March, according to new findings from Huntress. The cybersecurity company said it observed three GootLoader infections since October 27, 2025, out of which two resulted in hands-on keyboard...

AI score 6.8
Exploits: 0

RedHat Linux
added 2025/11/11 9:13 a.m., 1 views

kernel: smb: client: Add check for next_buffer in receive_encrypted_standard()

In the Linux kernel, the following vulnerability has been resolved: smb: client: Add check for next_buffer in receive_encrypted_standard(). Add check for the return value of cifs_buf_get() and cifs_small_buf_get() in receive_encrypted_standard() to prevent null pointer dereference...

CVSS 5.5 | AI score 6.8 | EPSS 0.00017
Exploits: 0 | References: 5

RedHat Linux
added 2025/11/11 8:21 a.m., 2 views

kernel: smb: client: Add check for next_buffer in receive_encrypted_standard()

In the Linux kernel, the following vulnerability has been resolved: smb: client: Add check for next_buffer in receive_encrypted_standard(). Add check for the return value of cifs_buf_get() and cifs_small_buf_get() in receive_encrypted_standard() to prevent null pointer dereference...

CVSS 5.5 | AI score 6.8 | EPSS 0.00017
Exploits: 0 | References: 5

Amd
added 2025/11/11 12:0 a.m., 9 views

Stale Translation Lookaside Buffer (TLB) Entry Vulnerability

Summary: An internally reported microcode bug in some EPYC™ AMD CPUs could allow a local admin-privileged attacker to run SEV-SNP (Secure Encrypted Virtualization - Secure Nested Paging) guests using stale TLB entries. This bug could allow SNP active vCPUs to reuse TLB entries from other virtual...

CVSS 5.3 | AI score 6.6 | EPSS 0.00012
Exploits: 0

SUSE CVE
added 2025/11/09 12:23 a.m., 1 views

SUSE CVE-2025-58356

Constellation is the first Confidential Kubernetes. The Constellation CVM image uses LUKS2-encrypted volumes for persistent storage. When opening an encrypted storage device, the CVM uses the libcryptsetup function crypt_activate_by_passphrase. If the VM is successful in opening the partition with th...

CVSS 8.3 | AI score 6.8 | EPSS 0.00005
Exploits: 0 | References: 2

Packet Storm News
added 2025/11/09 12:0 a.m., 3 views

SteganoSNN: SNN-Based Audio-In-Image Steganography with Encryption

Secure data hiding remains a fundamental challenge in digital communication, requiring a careful balance between computational efficiency and perceptual transparency. The balance between security and performance is increasingly fragile with the emergence of generative AI systems capable of...

AI score 6.9
Exploits: 0

The Hacker News
added 2025/11/08 2:29 p.m., 16 views

Microsoft Uncovers 'Whisper Leak' Attack That Identifies AI Chat Topics in Encrypted Traffic

Microsoft has disclosed details of a novel side-channel attack targeting remote language models that could enable a passive adversary with capabilities to observe network traffic to glean details about model conversation topics despite encryption protections under certain circumstances. This...

AI score 6.4
Exploits: 0

Microsoft Secure
added 2025/11/07 5:0 p.m., 3 views

Whisper Leak: A novel side-channel attack on remote language models

Microsoft has discovered a new type of side-channel attack on remote language models. This type of side-channel attack could allow a cyberattacker in a position to observe your network traffic to conclude language model conversation topics, despite being end-to-end encrypted via Transport Layer...

AI score 6.5
Exploits: 0

Fedora
added 2025/11/06 2:24 a.m., 4 views

[SECURITY] Fedora 42 Update: keepassxc-2.7.10-4.fc42

KeePassXC is a community fork of KeePassX. KeePassXC is an application for people with extremely high demands on secure personal data management. KeePassXC saves many different kinds of information, e.g. user names, passwords, URLs, attachments and comments, in one single database. For a better management...

AI score 6.8
Exploits: 0

Packet Storm News
added 2025/11/06 12:0 a.m., 2 views

Large Language Models for Cyber Security

This paper studies the integration of Large Language Models into cybersecurity tools and protocols. The main issue discussed in this paper is how traditional rule-based and signature-based security systems are not enough to deal with modern AI-powered cyber threats. Cybersecurity industry is...

AI score 7.2
Exploits: 0

Packet Storm News
added 2025/11/05 12:0 a.m., 11 views

Whisper Leak: A Side-Channel Attack on Large Language Models

Large Language Models (LLMs) are increasingly deployed in sensitive domains including healthcare, legal services, and confidential communications, where privacy is paramount. This paper introduces Whisper Leak, a side-channel attack that infers user prompt topics from encrypted LLM traffic by...

AI score 6.7
Exploits: 0

Tenable Nessus
added 2025/11/05 12:0 a.m., 2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989446)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989446 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/ioremap: Map EFI-reserved memory as encrypted for SEV Some drivers require memory that is...

CVSS 6.2 | AI score 6.1 | EPSS 0.00018
Exploits: 0 | References: 4

GithubExploit
added 2025/11/01 8:5 p.m., 205 views

Exploit for Deserialization of Untrusted Data in Microsoft

WSUS-CVE-2025-59287-RCE CVE-2025-59287 is a critical CVSS...

CVSS 9.8 | AI score 10 | EPSS 0.66232
Exploits: 24

AstraLinux
added 2025/11/01 10:54 a.m., 3 views

Astra Linux – Vulnerability in Firefox, Thunderbird

An attacker was able to cause memory corruption in the GMP process, which handles encrypted media. This process is also highly sandboxed, but it operates with slightly different privileges compared to the content process. This vulnerability has been fixed in Firefox 142, Firefox ESR 115.27, Firef...

CVSS 9.8 | AI score 5.4 | EPSS 0.0021
Exploits: 0 | References: 3