318 matches found
EUVD-2024-51462
Malicious code in bioql PyPI...
EUVD-2024-51460
Malicious code in bioql PyPI...
EUVD-2023-2456
Malicious code in bioql PyPI...
EUVD-2024-43133
Malicious code in bioql PyPI...
PT-2025-36338
Name of the Vulnerable Software and Affected Versions: Roo Code versions prior to 3.26.0 Description: Roo Code is an AI-powered autonomous coding agent. A weakness exists in the command parsing logic due to incorrect handling of Bash parameter expansion and indirect reference. If the agent was...
IMU: Influence-Guided Machine Unlearning
Recent studies have shown that deep learning models are vulnerable to attacks and tend to memorize training data points, raising significant concerns about privacy leakage. This motivates the development of machine unlearning MU, i.e., a paradigm that enables models to selectively forget specific...
PT-2025-37214
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to file descriptor table allocations. When sysctl nr open is set to a very high value, processes attempting to use file descriptors near the...
Counterfactual Influence As a Distributional Quantity
Machine learning models are known to memorize samples from their training data, raising concerns around privacy and generalization. Counterfactual self-influence is a popular metric to study memorization, quantifying how the model's prediction for a sample changes depending on the sample's...
RepuNet: a Reputation System for Mitigating Malicious Clients in DFL
Decentralized Federated Learning DFL enables nodes to collaboratively train models without a central server, introducing new vulnerabilities since each node independently selects peers for model aggregation. Malicious nodes may exploit this autonomy by sending corrupted models model poisoning,...
Unlearning-Enhanced Website Fingerprinting Attack: against Backdoor Poisoning in Anonymous Networks
Website Fingerprinting WF is an effective tool for regulating and governing the dark web. However, its performance can be significantly degraded by backdoor poisoning attacks in practical deployments. This paper aims to address the problem of hidden backdoor poisoning attacks faced by Website...
IF-GUIDE: Influence Function-Guided Detoxification of LLMs
We study how training data contributes to the emergence of toxic behaviors in large-language models. Most prior work on reducing model toxicity adopts $reactive$ approaches, such as fine-tuning pre-trained and potentially toxic models to align them with human values. In contrast, we propose a...
Report on the Malicious Uses of AI
OpenAI just published its annual report on malicious uses of AI. By using AI as a force multiplier for our expert investigative teams, in the three months since our last report we’ve been able to detect, disrupt and expose abusive activity including social engineering, cyber espionage, deceptive...
Meta Disrupts Influence Ops Targeting Romania, Azerbaijan, and Taiwan with Fake Personas
Meta on Thursday revealed that it disrupted three covert influence operations originating from Iran, China, and Romania during the first quarter of 2025. "We detected and removed these campaigns before they were able to build authentic audiences on our apps," the social media giant said in its...
CVE-2021-45908
An issue was discovered in gif2apng 1.9. There is a stack-based buffer overflow involving a while loop. An attacker has little influence over the data written to the stack, making it unlikely that the flow of control can be subverted...
ChestyBot: Detecting and Disrupting Chinese Communist Party Influence Stratagems
Foreign information operations conducted by Russian and Chinese actors exploit the United States' permissive information environment. These campaigns threaten democratic institutions and the broader Westphalian model. Yet, existing detection and mitigation strategies often fail to identify active...
Claude AI Exploited to Operate 100+ Fake Political Personas in Global Influence Campaign
Artificial intelligence AI company Anthropic has revealed that unknown threat actors leveraged its Claude chatbot for an "influence-as-a-service" operation to engage with authentic accounts across Facebook and X. The sophisticated activity, branded as financially-motivated, is said to have used i...
Desert Dexter Targets 900 Victims Using Facebook Ads and Telegram Malware Links
The Middle East and North Africa have become the target of a new campaign that delivers a modified version of a known malware called AsyncRAT since September 2024. "The campaign, which leverages social media to distribute malware, is tied to the region's current geopolitical climate," Positive...
Trump 2.0 Brings Cuts to Cyber, Consumer Protections
One month into his second term, President Trump's actions to shrink the government through mass layoffs, firings and withholding funds allocated by Congress have thrown federal cybersecurity and consumer protection programs into disarray. At the same time, agencies are battling an ongoing effort ...
Gcore DDoS Radar Reveals 56% YoY Increase in DDoS Attacks
Gcore's latest DDoS Radar report analyzes attack data from Q3–Q4 2024, revealing a 56% YoY rise in the total number of DDoS attacks with the largest attack peaking at a record 2 Tbps. The financial services sector saw the most dramatic increase, with a 117% rise in attacks, while gaming remained...
CVE-2024-13246
Improper Ownership Management vulnerability in Drupal Node Access Rebuild Progressive allows Target Influence via Framing.This issue affects Node Access Rebuild Progressive: from 0.0.0 before 2.0.2...