22 matches found
ViPER: Vision-Based Packing-Aware Encoder for Robust Malware Detection
Visualization-based malware detection maps raw binary bytes to grayscale images and applies learned visual classifiers, providing an evasion-resistant and disassembly-free alternative to conventional analysis pipelines. However, executable packing remains a critical failure mode: packed binaries...
MalTree: Tracing Malware Evolution from Embeddings at Scale
Malware detection remains largely reactive: machine learning models trained on known samples degrade as threats evolve. Understanding evolutionary relationships among malware families can inform proactive defense, but traditional reverse engineering can take months to years to uncover such lineag...
A Novel Byte-Level Flow-To-Image Encoding Method for Network Intrusion Detection Systems
Network-based Intrusion Detection Systems (IDS) are predominantly trained on tabular flow records, whose one-dimensional representations limit convolutional architectures from exploiting inter-feature spatial correlations. This paper presents a novel byte-level flow-to-image encoding method that...
Real-World Adversarial Attacks on RF-Based Drone Detectors
Radio frequency (RF) based systems are increasingly used to detect drones by analyzing their RF signal patterns, converting them into spectrogram images which are processed by object detection models. Existing RF attacks against image based models alter digital features, making over-the-air (OTA)...
A look at an Android ITW DNG exploit
Posted by Benoît Sevens, Google Threat Intelligence Group. Introduction: Between July 2024 and February 2025, 6 suspicious image files were uploaded to VirusTotal. Thanks to a lead from Meta, these samples came to the attention of Google Threat Intelligence Group. Investigation of these images show...
Multimodal Prompt Injection Attacks: Risks and Defenses for Modern LLMs
Large Language Models (LLMs) have seen rapid adoption in recent years, with industries increasingly relying on them to maintain a competitive advantage. These models excel at interpreting user instructions and generating human-like responses, leading to their integration across diverse domains,...
BIDO: a Unified Approach to Address Obfuscation and Concept Drift Challenges in Image-Based Malware Detection
To identify malicious Android applications, various malware detection techniques have been proposed. Among them, image-based approaches are considered potential alternatives due to their efficiency and scalability. Recent studies have reported that these approaches suffer significant performance...
Unsupervised Network Anomaly Detection with Autoencoders and Traffic Images
Due to the recent increase in the number of connected devices, the need to promptly detect security issues is emerging. Moreover, the high number of communication flows creates the necessity of processing huge amounts of data. Furthermore, the connected devices are heterogeneous in nature, having...
Emergency Vehicle Lights Can Screw Up a Car's Automated Driving System
Newly published research finds that the flashing lights on police cruisers and ambulances can cause “digital epileptic seizures” in image-based automated driving systems, potentially risking wrecks...
Phishing campaigns are using AMP URLs to avoid detection
Researchers have found a new phishing tactic which uses Google Accelerated Mobile Pages (AMP) to make URLs look trustworthy. The tactic is designed to slip past both software and users on the lookout for strange and untrustworthy domain names. AMP is an open-source HTML framework designed to make w...
As Long as We’re on the Subject of CAPTCHAs
There are these...
Exploit for Expression Language Injection in Atlassian Confluence_Data_Center
CVE-2022-26134 -u URL, --url URL target URL -c COMM...
GHSA-PCXQ-28F6-M3FM Firefly III vulnerable to image-based stored XSS
Firefly III before 4.7.17.3 is vulnerable to stored XSS due to lack of filtration of user-supplied data in image file content. The JavaScript code is executed during attachments/view/$fileid$ attachment viewing...
Potential Captcha Validate Bypass in flask-session-captcha
Impact: flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. The captcha.validate function would return None if passed no value, e.g. by submitting a request with an empty form. If implementing users were checking th...
CVE-2020-6112
An exploitable code execution vulnerability exists in the JPEG2000 Stripe Decoding functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when decoding sub-samples. While initializing tiles with sub-sample data, the application can miscalculate a pointer for the stripes in the tile which...
CVE-2018-3838
An exploitable information vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds read on the heap, resulting in information disclosure. An attacker can display a specially crafted image t...
vCenter Server Appliance - Backup/Restore Recommendations
Native File-Based Backup and Restore Recommended vCenter Server Appliance Data Integrity Best Practices recommends using the native file-based backup and restore operations to protect the vCenter Server Appliance. Review: VMware vSphere User Guide: Considerations and Limitations for File-Based...
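Mao10CMS v3.1.0 stored XSS
Brief description: as per the title. Details: On the article publishing page, insert XSS code, then view the article; the inserted JS code is executed directly. While testing on the demo, it was blocked by Alibaba Cloud's protection. Proof of vulnerability:...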
BlackBerry Enterprise Servers vulnerable to TIFF Image based Exploit
If you are a BlackBerry Enterprise Network user, here is something you need to be careful about. BlackBerry Enterprise Server (BES) users have been warned that an image-based exploit could allow hackers to access and execute code on the servers used to support corporate users of BlackBerry...
The return of image-based spam
After a two year absence, IBM X-Force is reporting (iss.net) a significant spike in image-based spam. “Since March 20th, we have been witnessing a rebirth of image-based spam. At first, we saw a small trial of image-based spam, reaching 5-10%. Then, in late April, we saw another blast this time a...