Lucene search

3094 matches found

Talos Blog
added 2026/05/27 10:0 a.m., 9 views

Introducing EvidenceForge: Synthetic security logs that don’t look (as) fake

Security teams need high-quality, labeled datasets to train threat hunters and incident responders, validate detection logic, and develop robust analytic models. EvidenceForge helps teams overcome the limitations of anonymized or stale public datasets, while avoiding the cost and complexity of...

5.6 AI score
Exploits: 0

Packet Storm News
added 2026/05/26 12:0 a.m., 14 views

Backdoor Attacks on Fault Detection and Localization in Cyber-Physical Systems

Cyber-Physical Systems (CPS) integrate sensing, communication, computation, and control to support critical infrastructure, including smart grids, industrial automation, and control systems. In the electrical utility domain, various controllers are used in CPS to ensure the system detects and...

5.8 AI score
Exploits: 0

EUVD
added 2026/05/25 6:0 a.m., 16 views

EUVD-2026-31642

A vulnerability in MLflow versions =3.10.1.dev0 allows unauthorized access to multipart upload (MPU) endpoints when the --serve-artifacts mode is enabled. The authorization logic does not enforce resource-level permission checks for /mlflow-artifacts/mpu/ endpoints, enabling attackers to overwrite...

9 CVSS, 6.3 AI score, 0.00345 EPSS
Exploits: 1, References: 2

Packet Storm News
added 2026/05/25 12:0 a.m., 15 views

"What Is the Problem Space?" Defining Host-Space Adversarial Perturbations against Network Intrusion Detection Systems

Network Intrusion Detection Systems (NIDS) are now increasingly leveraging Machine Learning (ML) techniques to detect malicious network activities. Numerous papers have scrutinized the security of ML-based NIDS (ML-NIDS) by testing them against various attacks involving adversarial perturbations. The...

5.8 AI score
Exploits: 0

OSSF Malicious Packages
added 2026/05/22 7:56 a.m., 12 views

Malicious code in sklern (PyPI)

Source: amazon-inspector 1495d93dccc77a422f70d192ef4d8dcd53b0c990fff43e68bc2a0eca301e5d10 Package name 'sklern' is a one-character deletion from the top-tier ML package 'sklearn', and its public API linearregression, logisticregression,...

5.9 AI score
Exploits: 0, References: 6

Packet Storm News
added 2026/05/22 12:0 a.m., 13 views

Cybersecurity of Electric Vehicle Charging Infrastructure: Recent Advances, Open Challenges, and Future Directions

Electric Vehicles (EVs) have emerged as significant disruptors in the transportation sector over the past decade. Their growing popularity and adoption are accompanied by capital expenditures to deploy charging infrastructure. EV charging infrastructure sits at the intersection of the power grid, t...

5.8 AI score
Exploits: 0

Packet Storm News
added 2026/05/21 12:0 a.m., 9 views

Innovations in Cardless Artificial Intelligence Banking: A Comprehensive Framework for Cyber Secure and Fraud Mitigation Using Machine Learning Algorithms

The advent of cardless artificial intelligence (AI) banking heralds a paradigm shift in the financial landscape, offering users unprecedented security and convenience. This paper outlines a comprehensive framework designed to enhance cybersecurity, introduce auto-generated virtual cards, and mitiga...

5.8 AI score
Exploits: 0

Github Security Blog
added 2026/05/19 12:31 p.m., 11 views

MLflow: Improper Origin Validation in MLflow Assistant /ajax-api Endpoints Enables Browser-Mediated Local Command Execution

In MLflow version 3.9.0, the MLflow Assistant feature introduced improper origin validation in its /ajax-api endpoints. This vulnerability allows a remote attacker to exploit cross-origin requests from a malicious webpage to interact with the MLflow Assistant running on a victim's local machine. ...

9.6 CVSS, 6.1 AI score, 0.00371 EPSS
Exploits: 1, References: 4, Affected Software: 1

Packet Storm News
added 2026/05/18 12:0 a.m., 9 views

Agent Security Is a Systems Problem

We take the position that agent security must be approached as a systems problem: the AI model powering the agent must be treated as an untrusted component, and security invariants must be enforced at the system level. Through this lens, efforts to increase model robustness the dominant viewpoint...

5.8 AI score
Exploits: 0

GithubExploit
added 2026/05/17 4:8 a.m., 75 views

Advance_WAF_project_CS

WAFinity - Infinite Protection, Intelligent Detection WAFin...

5.9 AI score
Exploits: 0

Microsoft CVE
added 2026/05/16 12:20 a.m., 21 views

Chromium: CVE-2026-8531 Heap buffer overflow in WebML

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8 CVSS, 5.8 AI score, 0.00259 EPSS
Exploits: 0

RedhatCVE
added 2026/05/13 8:22 p.m., 7 views

CVE-2026-33833

Improper neutralization of special elements in output used by a downstream component ('injection') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network...

8.2 CVSS, 5.8 AI score, 0.00498 EPSS
Exploits: 0, References: 1

EUVD
added 2026/05/12 6:30 p.m., 10 views

EUVD-2026-29580

Improper neutralization of special elements in output used by a downstream component ('injection') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network...

8.2 CVSS, 5.8 AI score, 0.00498 EPSS
Exploits: 0, References: 2

NVD
added 2026/05/12 6:17 p.m., 7 views

CVE-2026-33833

Improper neutralization of special elements in output used by a downstream component ('injection') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network...

8.2 CVSS, 0.00498 EPSS
Exploits: 0, References: 1

Cvelist
added 2026/05/12 4:59 p.m., 32 views

CVE-2026-33833 Azure Machine Learning Notebook Spoofing Vulnerability

...

8.2 CVSS, 0.00498 EPSS
Exploits: 0, References: 1

Vulnrichment
added 2026/05/12 4:59 p.m., 8 views

CVE-2026-33833 Azure Machine Learning Notebook Spoofing Vulnerability

...

8.2 CVSS, 5.8 AI score, 0.00498 EPSS
Exploits: 0, References: 1

CVE
added 2026/05/12 4:59 p.m., 25 views

CVE-2026-33833

Azure Machine Learning is affected where the issue occurs in the downstream component’s output handling, described as an improper neutralization of special elements that enables network spoofing. The CVE-2026-33833 entry notes an attacker could exploit this via a network vector with no user inter...

8.2 CVSS, 5.8 AI score, 0.00498 EPSS
Exploits: 0, References: 1, Affected Software: 1

Microsoft CVE
added 2026/05/12 2:0 p.m., 12 views

Azure Machine Learning Notebook Spoofing Vulnerability

Improper neutralization of special elements in output used by a downstream component ('injection') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network...

8.2 CVSS, 5.8 AI score, 0.00498 EPSS
Exploits: 0

Packet Storm News
added 2026/05/12 12:0 a.m., 8 views

Convolutional-Neural-Networks for Deanonymisation of I2P Traffic

This study investigates the potential for deanonymizing services within the Invisible Internet Project (I2P) network through passive traffic analysis and machine learning techniques. The primary objective is to identify distinctive patterns in I2P traffic despite the encryption of its payload. To...

5.8 AI score
Exploits: 0

CNNVD
added 2026/05/12 12:0 a.m., 13 views

Microsoft Azure Machine Learning Injection Vulnerability

Microsoft Azure Machine Learning is a machine learning service provided by Microsoft Corporation in the United States. There is an injection vulnerability present in Microsoft Azure Machine Learning. Attackers utilize this vulnerability to carry out phishing attacks...

8.2 CVSS, 5.8 AI score, 0.00498 EPSS
Exploits: 0, References: 2