524 matches found
AI-Based Crypto Tokens: the Illusion of Decentralized AI?
The convergence of blockchain and artificial intelligence AI has led to the emergence of AI-based tokens, which are cryptographic assets designed to power decentralized AI platforms and services. This paper provides a comprehensive review of leading AI-token projects, examining their technical...
Automating Zero Trust in Healthcare: From Risk Scoring to Dynamic Policy Enforcement Without Network Redesign
The Evolving Healthcare Cybersecurity Landscape Healthcare organizations face unprecedented cybersecurity challenges in 2025. With operational technology OT environments increasingly targeted and the convergence of IT and medical systems creating an expanded attack surface, traditional security...
Implementing AI Bill of Materials (AI BOM) with SPDX 3.0: a Comprehensive Guide to Creating AI and Dataset Bill of Materials
A Software Bill of Materials SBOM is becoming an increasingly important tool in regulatory and technical spaces to introduce more transparency and security into a project's software supply chain. Artificial intelligence AI projects face unique challenges beyond the security of their software, and...
A Comprehensive Survey of Cybercrimes in India over the Last Decade
Since the 1990s, the integration of technology into daily life has led to the creation of an extensive network of interconnected devices, transforming how individuals and organizations operate. However, this digital transformation has also spurred the rise of cybercrime, criminal activities...
Exploit for Improper Check for Unusual or Exceptional Conditions in Mozilla Firefox
🚨 CVE-2024-4367: Arbitrary JavaScript Execution in PDF.js Thi...
CVE-2024-43058 Incorrect Type Conversion or Cast in Multimedia Frameworks
Memory corruption while processing IOCTL calls...
CVE-2024-43058
CVE-2024-43058 corresponds to a memory corruption issue occurring when Qualcomm chipset IOCTL calls are processed. The vulnerability affects Qualcomm chipsets and is attributed to a faulty IOCTL handling path, leading to potential impact on confidentiality, integrity, and availability as indicate...
CVE-2024-43058 Incorrect Type Conversion or Cast in Multimedia Frameworks
Memory corruption while processing IOCTL calls...
Helping Your Clients Achieve NIST Compliance: A Step by Step Guide for Service Providers
Introduction As the cybersecurity landscape evolves, service providers play an increasingly vital role in safeguarding sensitive data and maintaining compliance with industry regulations. The National Institute of Standards and Technology NIST offers a comprehensive set of frameworks that provide...
Linux Distros Unpatched Vulnerability : CVE-2024-38816
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can...
Is CTEM Just Another Buzzword or Actually Useful?
Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Click right here to hear it all! Let's face it - cybersecurity teams are drowning in tools,...
The SOC files: Chasing the web shell
Web shells have evolved far beyond their original purpose of basic remote command execution, and many now function more like lightweight exploitation frameworks. These tools often include features such as in-memory module execution and encrypted command-and-control C2 communication, giving...
CISO's Expert Guide To CTEM And Why It Matters
Cyber threats evolve—has your defense strategy kept up? A new free guide available here explains why Continuous Threat Exposure Management CTEM is the smart approach for proactive cybersecurity. This concise report makes a clear business case for why CTEM's comprehensive approach is the best...
Denial Of Service (DoS)
@sentry/astro, @sentry/aws-serverless, @sentry/bun, @sentry/google-cloud-serverless, @sentry/nestjs, @sentry/nextjs, @sentry/node, @sentry/nuxt, @sentry/remix, @sentry/solidstart and @sentry/sveltekit are vulnerable to Denial of Service DoS. The vulnerability is due to resource exhaustion due to...
CVE-2024-38819
Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application...
New Glutton Malware Exploits Popular PHP Frameworks Like Laravel and ThinkPHP
Cybersecurity researchers have discovered a new PHP-based backdoor called Glutton that has been put to use in cyber attacks targeting China, the United States, Cambodia, Pakistan, and South Africa. QiAnXin XLab, which discovered the malicious activity in late April 2024, attributed the previously...
Teaching an Old Framework New Tricks: The Dangers of Windows UI Automation
...
org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks
A flaw was found in the Spring Framework. Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. This flaw allows an attacker to craft malicious HTTP requests and obtain any file on the file system that is also...
CVE-2024-38819
A flaw was found in the Spring Framework. Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. This flaw allows an attacker to craft malicious HTTP requests and obtain any file on the file system that is also...
[SECURITY] Fedora 40 Update: llama-cpp-b3561-1.fc40
The main goal of llama.cpp is to run the LLaMA model using 4-bit integer quantization on a MacBook Plain C/C++ implementation without dependencies Apple silicon first-class citizen - optimized via ARM NEON, Accelerate and Metal frameworks AVX, AVX2 and AVX512 support for x86 architectures Mixed F...