June 10, 2025—KB5060842 (OS Build 26100.4349)

June 10, 2025—KB5060842 OS Build 26100.4349 For information about Windows update terminology, see types of Windows updates and the monthly quality update types. To find an overview, see the update history page for Windows 11, version 24H2. Follow @WindowsUpdate to find out when new content is...

Microsoft SmartScreen 安全漏洞

Microsoft SmartScreen is a Microsoft-developed security technology designed to help users identify and block potential malware and phishing attacks. A security vulnerability exists in Microsoft SmartScreen. An attacker could exploit the vulnerability to bypass certain features. The following...

DATABench: Evaluating Dataset Auditing in Deep Learning from an Adversarial Perspective

The widespread application of Deep Learning across diverse domains hinges critically on the quality and composition of training datasets. However, the common lack of disclosure regarding their usage raises significant privacy and copyright concerns. Dataset auditing techniques, which aim to...

Rethinking and Exploring String-Based Malware Family Classification in the Era of LLMs and RAG

Malware Family Classification MFC aims to identify the fine-grained family e.g., GuLoader or BitRAT to which a potential malware sample belongs, in contrast to malware detection or sample classification that predicts only an Yes/No. Accurate family identification can greatly facilitate automated...

Wikimedia Mediawiki Scribunto Extension 安全漏洞

Wikimedia Mediawiki Scribunto Extension is a Wikimedia Foundation extension for wiki projects. A security vulnerability exists in Wikimedia Mediawiki Scribunto Extension that stems from improper access control and could lead to unauthorized feature access. The following versions are affected:...

CVE-2025-6920

A flaw was found in the authentication enforcement mechanism of a model inference API in ai-inference-server. All /v1/ endpoints are expected to enforce API key validation. However, the POST /invocations endpoint failed to do so, resulting in an authentication bypass. This vulnerability allows...

PT-2025-27570 · Unknown · Trust Wallet

Name of the Vulnerable Software and Affected Versions: Trust Wallet version 8.45 Description: The issue is related to insufficient validation of the screen lock mechanism, allowing physically proximate attackers to bypass the lock screen and view the wallet balance. Recommendations: For Trust...

CGA-4WHJ-HCCP-785F

Bulletin has no description...

[SECURITY] Fedora 41 Update: trafficserver-9.2.11-1.fc41

Traffic Server is a high-performance building block for cloud services. It's more than just a caching proxy server; it also has support for plugins to build large scale web applications. Key features: Caching - Improve your response time, while reducing server load and bandwidth needs by caching...

Virtuozzo Hybrid Infrastructure 7.0 (7.0.0-250)

In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that cover the compute service, object and core storage, networking, as well as monitoring and alerts. Additionally, this release delivers stability improvements and addresses issues found in previous releases...

[SECURITY] Fedora 41 Update: keylime-agent-rust-0.2.7-5.fc41

Rust agent for Keylime...

kernel: idpf: fix null-ptr-deref in idpf_features_check

A flaw was found in the idpf module in the Linux kernel. A null pointer dereference can be triggered when the driver attempts to use a resource that has already been released, resulting in a denial of service...

Universal and Efficient Detection of Adversarial Data through Nonuniform Impact on Network Layers

Deep Neural Networks DNNs are notoriously vulnerable to adversarial input designs with limited noise budgets. While numerous successful attacks with subtle modifications to original input have been proposed, defense techniques against these attacks are relatively understudied. Existing defense...

CVE-2025-36537 Incorrect Permission Assignment for Critical Resource in TeamViewer Remote Management

Incorrect Permission Assignment for Critical Resource in the TeamViewer Client Full and Host of TeamViewer Remote and Tensor prior Version 15.67 on Windows allows a local unprivileged user to trigger arbitrary file deletion with SYSTEM privileges via leveraging the MSI rollback mechanism. The...

CVE-2025-36537 Incorrect Permission Assignment for Critical Resource in TeamViewer Remote Management

Incorrect Permission Assignment for Critical Resource in the TeamViewer Client Full and Host of TeamViewer Remote and Tensor prior Version 15.67 on Windows allows a local unprivileged user to trigger arbitrary file deletion with SYSTEM privileges via leveraging the MSI rollback mechanism. The...

Machine Learning with Privacy for Protected Attributes

Differential privacy DP has become the standard for private data analysis. Certain machine learning applications only require privacy protection for specific protected attributes. Using naive variants of differential privacy in such use cases can result in unnecessary degradation of utility. In...

PT-2025-26744 · Teamviewer · Teamviewer

Name of the Vulnerable Software and Affected Versions: TeamViewer versions prior to 15.67 Description: The issue is related to an incorrect permission assignment for a critical resource in the TeamViewer Client, allowing a local unprivileged user to trigger arbitrary file deletion with SYSTEM...

On the Efficacy of Old Features for the Detection of New Bots

For more than a decade now, academicians and online platform administrators have been studying solutions to the problem of bot detection. Bots are computer algorithms whose use is far from being benign: malicious bots are purposely created to distribute spam, sponsor public characters and,...

O2Former:Direction-Aware and Multi-Scale Query Enhancement for SAR Ship Instance Segmentation

Instance segmentation of ships in synthetic aperture radar SAR imagery is critical for applications such as maritime monitoring, environmental analysis, and national security. SAR ship images present challenges including scale variation, object density, and fuzzy target boundary, which are often...

Malicious code in thunderbolt-features-loaders (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ee3eda7524a24da1ec85916ab8b93146e2e1399af30190b04b9021b0edbf7d61 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...