MAL-2025-5208 Malicious code in thunderbolt-features-loaders (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ee3eda7524a24da1ec85916ab8b93146e2e1399af30190b04b9021b0edbf7d61 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Analyzing PDFs like Binaries: Adversarially Robust PDF Malware Analysis Via Intermediate Representation and Language Model

Malicious PDF files have emerged as a persistent threat and become a popular attack vector in web-based attacks. While machine learning-based PDF malware classifiers have shown promise, these classifiers are often susceptible to adversarial attacks, undermining their reliability. To address this...

SUSE CVE-2025-38053

In the Linux kernel, the following vulnerability has been resolved: idpf: fix null-ptr-deref in idpffeaturescheck idpffeaturescheck is used to validate the TX packet. skb header length is compared with the hardware supported value received from the device control plane. The value is stored in the...

Fedora 42 : kea (2025-dc6ec0a8e2)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-dc6ec0a8e2 advisory. - New version 2.6.3 rhbz2368989 - Fix for: CVE-2025-32801, CVE-2025-32802, CVE-2025-32803 - kea.conf: Remove /tmp/ from socket-name for existing...

DEBIAN-CVE-2025-38053

In the Linux kernel, the following vulnerability has been resolved: idpf: fix null-ptr-deref in idpffeaturescheck idpffeaturescheck is used to validate the TX packet. skb header length is compared with the hardware supported value received from the device control plane. The value is stored in the...

DEBIAN-CVE-2025-38020

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Disable MACsec offload for uplink representor profile MACsec offload is not supported in switchdev mode for uplink representors. When switching to the uplink representor profile, the MACsec offload feature must be...

UBUNTU-CVE-2025-38020

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Disable MACsec offload for uplink representor profile MACsec offload is not supported in switchdev mode for uplink representors. When switching to the uplink representor profile, the MACsec offload feature must be...

CVE-2025-38053

In the Linux kernel, the following vulnerability has been resolved: idpf: fix null-ptr-deref in idpffeaturescheck idpffeaturescheck is used to validate the TX packet. skb header length is compared with the hardware supported value received from the device control plane. The value is stored in the...

SUSE-SU-2025:01991-1 Security update for grafana

This update for grafana fixes the following issues: grafana was updated from version 10.4.15 to 11.5.5 jscPED-12918: - Security issues fixed: CVE-2025-4123: Fix cross-site scripting vulnerability bsc1243714. CVE-2025-22872: Bump golang.org/x/net/html bsc1241809 CVE-2025-3580: Prevent unauthorized...

PT-2025-25795

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description A vulnerability in the Linux kernel has been resolved. The issue is related to MACsec offload for uplink representor profiles. MACsec offload is not supported in switchdev mode for...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the idpf driver accessing null pointers in featurescheck...

Efficient Malware Detection with Optimized Learning on High-Dimensional Features

Malware detection using machine learning requires feature extraction from binary files, as models cannot process raw binaries directly. A common approach involves using LIEF for raw feature extraction and the EMBER vectorizer to generate 2381-dimensional feature vectors. However, the high...

Safety Features for a Centralised AGI Project

Recent AI progress has outpaced expectations, with some experts now predicting AI that matches or exceeds human capabilities in all cognitive areas AGI could emerge this decade, potentially posing grave national and global security threats. AI development is currently occurring primarily in the...

[SECURITY] Fedora 42 Update: valkey-8.0.3-3.fc42

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

Fedora 42 : python-pydantic-core / rust-adblock / rust-cookie_store / etc (2025-04847cb65d)

The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-04847cb65d advisory. Update uv to 0.6.14, with various bugfixes and new features. Update rust-idna to 1.0.3 fixing RUSTSEC-2024-0421, rust-url to 2.5.4, rust- adblock to 0.9.6, a...

[SECURITY] Fedora 41 Update: mingw-icu-74.2-4.fc41

ICU is a set of C and C++ libraries that provides robust and full-featured Unicode and locale support. The library provides calendar support, conversions for many character sets, language sensitive collation, date and time formatting, support for many locales, message catalogs and resources,...

[SECURITY] Fedora 42 Update: qt6-qtspeech-6.9.1-1.fc42

The module enables a Qt application to support accessibility features such as text-to-speech, which is useful for end-users who are visually challenged or cannot access the application for whatever reason. The most common use case where text-to-speech comes in handy is when the end-user is drivin...

[SECURITY] Fedora 42 Update: qt6-qtmultimedia-6.9.1-1.fc42

The Qt Multimedia module provides a rich feature set that enables you to easily take advantage of a platforms multimedia capabilites and hardware. This ranges from the playback and recording of audio and video content to the use of available devices like cameras and radios...

Physical Layer-Based Device Fingerprinting for Wireless Security: from Theory to Practice

The identification of the devices from which a message is received is part of security mechanisms to ensure authentication in wireless communications. Conventional authentication approaches are cryptography-based, which, however, are usually computationally expensive and not adequate in the...

Apple Intelligence Is Gambling on Privacy as a Killer Feature

Many new Apple Intelligence features happen on your device rather than in the cloud. While it may not be flashy, the privacy-centric approach could be a competitive advantage...