3780 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-53011
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: stmmac: enable all safety features by default In the original implementation of dwmac5...
Google Requires Crypto App Licenses in 15 Regions as FBI Warns of $9.9M Scam Losses
Google said it's implementing a new policy requiring developers of cryptocurrency exchanges and wallets to obtain government licenses before publishing apps in 15 jurisdictions in order to "ensure a safe and compliant ecosystem for users." The policy applies to markets like Bahrain, Canada, Hong...
A Transformer-Based Approach for DDoS Attack Detection in IoT Networks
DDoS attacks have become a major threat to the security of IoT devices and can cause severe damage to the network infrastructure. IoT devices suffer from the inherent problem of resource constraints and are therefore susceptible to such resource-exhausting attacks. Traditional methods for detecti...
USN-7691-1 mysql-8.0, mysql-8.4 vulnerabilities
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.43 in Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. Ubuntu 25.04 has been updated to MySQL 8.4.6. In addition to security fixes, the updated packages...
USN-7691-1: MySQL vulnerabilities
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.43 in Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. Ubuntu 25.04 has been updated to MySQL 8.4.6. In addition to security fixes, the updated packages...
BIT-GITLAB-2025-2867 Improper Control of Generation of Code ('Code Injection') in GitLab
An issue has been discovered in the GitLab Duo with Amazon Q affecting all versions from 17.8 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. A specifically crafted issue could manipulate AI-assisted development features to potentially expose sensitive project data to unauthorized...
Hotfix update for Exchange Server 2019 CU15: April 18, 2025 (KB5050672)
Hotfix update for Exchange Server 2019 CU15: April 18, 2025 KB5050672 Hotfix update for Microsoft Exchange Server 2019 CU15 was released on April 18, 2025. It includes fixes for non-security issues and introduces new features. These fixes and features will also be included in later cumulative...
Hotfix update for Exchange Server 2016 CU23: April 18, 2025 (KB5050674)
Hotfix update for Exchange Server 2016 CU23: April 18, 2025 KB5050674 Hotfix update for Microsoft Exchange Server 2016 CU23 was released on April 18, 2025. It includes fixes for non-security issues and introduces new features. Note: This update also includes all the updates that were...
Hypervisor-Based Double Extortion Ransomware Detection Method Using Kitsune Network Features
Double extortion ransomware attacks have become mainstream since many organizations adopt more robust and resilient data backup strategies against conventional crypto-ransomware. This paper presents detailed attack stages, tactics, procedures, and tools used in the double extortion ransomware...
Adobe Commerce Security Vulnerability
Adobe Commerce is a digital commerce solution from Adobe, a United States company, described as a global leader for businesses and brands. Adobe Commerce has a security vulnerability that can be exploited by an attacker to cause a security feature bypass...
Enhance the Machine Learning Algorithm Performance in Phishing Detection with Keyword Features
Recently, we can observe a significant increase of the phishing attacks in the Internet. In a typical phishing attack, the attacker sets up a malicious website that looks similar to the legitimate website in order to obtain the end-users' information. This may cause the leakage of the sensitive...
OESA-2025-1960 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: xfrm: state: fix out-of-bounds read during lookup lookup and resize can run in parallel. The xfrm_state_hash_generation seqlock ensures a retry, but the hash...
Membership Inference Attack with Partial Features
Machine learning models have been shown to be susceptible to membership inference attack, which can be used to determine whether a given sample appears in the training data. Existing membership inference methods commonly assume that the adversary has full access to the features of the target...
Security update for kubo (moderate)
openSUSE Security Update: Security update for kubo Announcement ID: openSUSE-SU-2025:0288-1 Rating: moderate References: 1241776 Cross-References: CVE-2025-22872 CVSS scores: CVE-2025-22872 SUSE: 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L Affected Products: openSUSE...
From Split to Share: Private Inference with Distributed Feature Sharing
Cloud-based Machine Learning as a Service (MLaaS) raises serious privacy concerns when handling sensitive client data. Existing Private Inference (PI) methods face a fundamental trade-off between privacy and efficiency: cryptographic approaches offer strong protection but incur high computational...
CVE-2025-53357 GLPI permits reservation modification by unauthorized users
GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 0.78 through 10.0.18, a connected user can alter the reservations of another user. Thi...
Empirical Evaluation of Concept Drift in ML-Based Android Malware Detection
Despite outstanding results, machine learning-based Android malware detection models struggle with concept drift, where rapidly evolving malware characteristics degrade model effectiveness. This study examines the impact of concept drift on Android malware detection, evaluating two datasets and...
SAEL: Leveraging Large Language Models with Adaptive Mixture-Of-Experts for Smart Contract Vulnerability Detection
With the increasing security issues in blockchain, smart contract vulnerability detection has become a research focus. Existing vulnerability detection methods have their limitations: (1) Static analysis methods struggle with complex scenarios. (2) Methods based on specialized pre-trained models...
Understanding Concept Drift with Deprecated Permissions in Android Malware Detection
Permission analysis is a widely used method for Android malware detection. It involves examining the permissions requested by an application to access sensitive data or perform potentially malicious actions. In recent years, various machine learning (ML) algorithms have been applied to Android...
PT-2025-31390
Name of the Vulnerable Software and Affected Versions GLPI versions 0.78 through 10.0.18 Description GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 0.78 through 10.0.18, a connected user can...