MCP-DPT: A Defense-Placement Taxonomy and Coverage Analysis for Model Context Protocol Security

The Model Context Protocol MCP enables large language models LLMs to dynamically discover and invoke third-party tools, significantly expanding agent capabilities while introducing a distinct security landscape. Unlike prompt-only interactions, MCP exposes pre-execution artifacts, shared context,...

Beyond the Hype: A Large-Scale Empirical Analysis of On-Chain Transactions in NFT Scams

Non-fungible tokens NFTs serve as a representative form of digital asset ownership and have attracted numerous investors, creators, and tech enthusiasts in recent years. However, related fraud activities, especially phishing scams, have caused significant property losses. There are many graph...

RUSTSEC-2025-0115 tandem_http_server is unmaintained

The tandem crates in https://github.com/sine-fdn are no longer maintained by the SINE Foundation. The repository has been archived. Recommended alternative We are continuing our work on SMPC by implementing our secure multi-party computation engine Polytune...

tandem_http_server is unmaintained

The tandem crates in https://github.com/sine-fdn are no longer maintained by the SINE Foundation. The repository has been archived. Recommended alternative We are continuing our work on SMPC by implementing our secure multi-party computation engine Polytune...

RUSTSEC-2025-0117 tandem is unmaintained

The tandem crates in https://github.com/sine-fdn are no longer maintained by the SINE Foundation. The repository has been archived. Recommended alternative We are continuing our work on SMPC by implementing our secure multi-party computation engine Polytune...

RUSTSEC-2025-0114 tandem_http_client is unmaintained

The tandem crates in https://github.com/sine-fdn are no longer maintained by the SINE Foundation. The repository has been archived. Recommended alternative We are continuing our work on SMPC by implementing our secure multi-party computation engine Polytune...

EUVD-2024-0829

Malicious code in bioql PyPI...

EUVD-2024-0169

Malicious code in bioql PyPI...

EUVD-2024-0170

Malicious code in bioql PyPI...

EUVD-2023-0256

Malicious code in bioql PyPI...

EUVD-2024-0168

Malicious code in bioql PyPI...

EUVD-2024-0813

Malicious code in bioql PyPI...

EUVD-2024-0171

Malicious code in bioql PyPI...

A Survey on Privacy-Preserving Computing in the Automotive Domain

As vehicles become increasingly connected and autonomous, they accumulate and manage various personal data, thereby presenting a key challenge in preserving privacy during data sharing and processing. This survey reviews applications of Secure Multi-Party Computation MPC and Homomorphic Encryptio...

Efficient Private Inference Based on Helper-Assisted Malicious Security Dishonest Majority MPC

Private inference based on Secure Multi-Party Computation MPC addresses data privacy risks in Machine Learning as a Service MLaaS. However, existing MPC-based private inference frameworks focuses on semi-honest or honest majority models, whose threat models are overly idealistic, while malicious...

Cascade: Token-Sharded Private LLM Inference

As LLMs continue to increase in parameter size, the computational resources required to run them are available to fewer parties. Therefore, third-party inference services -- where LLMs are hosted by third parties with significant computational resources -- are becoming increasingly popular...

CVE-2025-43863 vantage6 lacks brute-force protection on change password functionality

vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. If attacker gets access to an authenticated session, they can try to brute-force the user password by using the change password functionality...

CVE-2025-43863 vantage6 lacks brute-force protection on change password functionality

vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. If attacker gets access to an authenticated session, they can try to brute-force the user password by using the change password functionality...

Commitment Schemes for Multi-Party Computation

The paper presents an analysis of Commitment Schemes CSs used in Multi-Party Computation MPC protocols. While the individual properties of CSs and the guarantees offered by MPC have been widely studied in isolation, their interrelation in concrete protocols and applications remains mostly...

Authenticated Private Set Intersection: a Merkle Tree-Based Approach for Enhancing Data Integrity

Private Set Intersection PSI enables secure computation of set intersections while preserving participant privacy, standard PSI existing protocols remain vulnerable to data integrity attacks allowing malicious participants to extract additional intersection information or mislead other parties. I...