Description of the security update for Office 2016: June 10, 2025 (KB5002730)
Summary: This security update resolves a Microsoft Office remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common Vulnerabilities and Exposures...
Description of the security update for SharePoint Server 2019 Language Pack: June 10, 2025 (KB5002727)
Summary: This security update resolves a Microsoft Word remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common...
Description of the security update for Excel 2016: June 10, 2025 (KB5002735)
Summary: This security update resolves a Microsoft Excel remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2025-47165. Note: To apply this...
MicroDicom DICOM Viewer
RISK EVALUATION: Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on affected installations of DICOM Viewer. 2. RECOMMENDED PRACTICES: CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...
Schneider Electric Modicon Controllers (Update A)
GENERAL SECURITY RECOMMENDATIONS: We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...
KB5060954: Servicing stack update for Windows 10, version 1607 and Windows Server 2016: June 10, 2025
Support for Windows 10 has ended on October 14, 2025. After October 14, 2025, Microsoft will no longer provide free software updates from Windows Update, technical assistance, or security fixes fo...
SoK: Machine Unlearning for Large Language Models
Large language model (LLM) unlearning has become a critical topic in machine learning, aiming to eliminate the influence of specific training data or knowledge without retraining the model from scratch. A variety of techniques have been proposed, including Gradient Ascent, model editing, and...
BlackSuit Continues Social Engineering Attacks in Wake of Black Basta’s Internal Conflict
Executive Summary: There has been a significant decrease in social engineering attacks linked to the Black Basta ransomware group since late December 2024. This lapse also included the leaked Black Basta chat logs in February 2025, indicating internal conflict within the group. Despite this, Rapid...
LLMs Caught in the Crossfire: Malware Requests and Jailbreak Challenges
The widespread adoption of Large Language Models (LLMs) has heightened concerns about their security, particularly their vulnerability to jailbreak attacks that leverage crafted prompts to generate malicious outputs. While prior research has been conducted on general security capabilities of LLMs,...
Network Threat Detection: Addressing Class Imbalanced Data with Deep Forest
With the rapid expansion of Internet of Things (IoT) networks, detecting malicious traffic in real-time has become a critical cybersecurity challenge. This research addresses the detection challenges by presenting a comprehensive empirical analysis of machine learning techniques for malware detecti...
ModelForge: Using GenAI to Improve the Development of Security Protocols
Formal methods can be used for verifying security protocols, but their adoption can be hindered by the complexity of translating natural language protocol specifications into formal representations. In this paper, we introduce ModelForge, a novel tool that automates the translation of protocol...
The Scales of Justitia: a Comprehensive Survey on Safety Evaluation of LLMs
With the rapid advancement of artificial intelligence technology, Large Language Models (LLMs) have demonstrated remarkable potential in the field of Natural Language Processing (NLP), including areas such as content generation, human-computer interaction, machine translation, and code generation,...
BIT-JOOMLA-2024-40743 [20240805] - Core - XSS vectors in Outputfilter::strip* methods
The stripImages and stripIframes methods didn't properly process inputs, leading to XSS vectors...
TracLLM: a Generic Framework for Attributing Long Context LLMs
Long context large language models (LLMs) are deployed in many real-world applications such as RAG, agent, and broad LLM-integrated applications. Given an instruction and a long context (e.g., documents, PDF files, webpages), a long context LLM can generate an output grounded in the provided context,...
DEBIAN-CVE-2025-4517
Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or TarFile.extract using the filter= parameter with a value of...
PSF-2025-7
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or...
Medium: kernel6.12
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: btrfs: do proper folio cleanup when cow_file_range() failed (CVE-2024-57976). In the Linux kernel, the following vulnerability has been resolved: kernel: be more careful about dup_mmap() failures and uprobe registering...
Combining Different Existing Methods for Describing Steganography Hiding Methods
The proliferation of digital carriers that can be exploited to conceal arbitrary data has greatly increased the number of techniques for implementing network steganography. As a result, the literature overlaps greatly in terms of concepts and terminology. Moreover, from a cybersecurity viewpoint,...
A Large Language Model-Supported Threat Modeling Framework for Transportation Cyber-Physical Systems
Modern transportation systems rely on cyber-physical systems (CPS), where cyber systems interact seamlessly with physical systems like transportation-related sensors and actuators to enhance safety, mobility, and energy efficiency. However, growing automation and connectivity increase exposure to...
Privacy-Aware, Public-Aligned: Embedding Risk Detection and Public Values into Scalable Clinical Text De-Identification for Trusted Research Environments
Clinical free-text data offers immense potential to improve population health research such as richer phenotyping, symptom tracking, and contextual understanding of patient care. However, these data present significant privacy risks due to the presence of directly or indirectly identifying...