A Gradient-Optimized TSK Fuzzy Framework for Explainable Phishing Detection

Phishing attacks represent an increasingly sophisticated and pervasive threat to individuals and organizations, causing significant financial losses, identity theft, and severe damage to institutional reputations. Existing phishing detection methods often struggle to simultaneously achieve high...

gnutls security update

3.6.16-8.3fips - Allow RSA keygen with modulus sizes bigger than 3072 bits and validate the seed length as defined in FIPS 186-4 section B.3.2 Orabug: 33200526 - Allow bigger known RSA modulus sizes when calling rsageneratefips1864keypair directly Orabug: 33200526 - Change Epoch from 1 to 10...

Private Federated Learning Using Preference-Optimized Synthetic Data

In practical settings, differentially private Federated learning DP-FL is the dominant method for training models from private, on-device client data. Recent work has suggested that DP-FL may be enhanced or outperformed by methods that use DP synthetic data Wu et al., 2024; Hou et al., 2024. The...

Firewall Regulatory Networks for Autonomous Cyber Defense

In this paper, we present the principles of designing new self-organising and autonomous management protocol to govern the dynamics of bio-inspired decentralized firewall architecture based on Biological Regularity Networks. The new architecture called Firewall Regulatory Networks FRN exhibits th...

Blockchain Meets Adaptive Honeypots: a Trust-Aware Approach to Next-Gen IoT Security

Edge computing-based Next-Generation Wireless Networks NGWN-IoT offer enhanced bandwidth capacity for large-scale service provisioning but remain vulnerable to evolving cyber threats. Existing intrusion detection and prevention methods provide limited security as adversaries continually adapt the...

ReGraph: a Tool for Binary Similarity Identification

Binary Code Similarity Detection BCSD is not only essential for security tasks such as vulnerability identification but also for code copying detection, yet it remains challenging due to binary stripping and diverse compilation environments. Existing methods tend to adopt increasingly complex...

Residual-Evasive Attacks on ADMM in Distributed Optimization

This paper presents two attack strategies designed to evade detection in ADMM-based systems by preventing significant changes to the residual during the attacked iteration. While many detection algorithms focus on identifying false data injection through residual changes, we show that our attacks...

[SECURITY] Fedora 41 Update: rust-version-ranges-0.1.1-2.fc41

Performance-optimized type for generic version ranges and operations on them...

[SECURITY] Fedora 40 Update: rust-version-ranges-0.1.1-2.fc40

Performance-optimized type for generic version ranges and operations on them...

DualBreach: Efficient Dual-Jailbreaking Via Target-Driven Initialization and Multi-Target Optimization

Recent research has focused on exploring the vulnerabilities of Large Language Models LLMs, aiming to elicit harmful and/or sensitive content from LLMs. However, due to the insufficient research on dual-jailbreaking -- attacks targeting both LLMs and Guardrails, the effectiveness of existing...

[SECURITY] Fedora 42 Update: rust-version-ranges-0.1.1-2.fc42

Performance-optimized type for generic version ranges and operations on them...

BadApex: Backdoor Attack Based on Adaptive Optimization Mechanism of Black-Box Large Language Models

Previous insertion-based and paraphrase-based backdoors have achieved great success in attack efficacy, but they ignore the text quality and semantic consistency between poisoned and clean texts. Although recent studies introduce LLMs to generate poisoned texts and improve the stealthiness,...

CVE-2025-3795

A vulnerability was found in DaiCuo 1.3.13. It has been rated as problematic. Affected by this issue is some unknown functionality of the component SEO Optimization Settings Section. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclose...

CVE-2025-3795

A vulnerability was found in DaiCuo 1.3.13. It has been rated as problematic. Affected by this issue is some unknown functionality of the component SEO Optimization Settings Section. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclose...

CVE-2025-3795 DaiCuo SEO Optimization Settings Section cross site scripting

A vulnerability was found in DaiCuo 1.3.13. It has been rated as problematic. Affected by this issue is some unknown functionality of the component SEO Optimization Settings Section. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclose...

CVE-2025-3795

DaiCuo 1.3.13 is affected by a cross-site scripting (XSS) vulnerability in the SEO Optimization Settings Section. The issue arises from manipulation of an unknown functionality within that component, and the attack can be launched remotely. The exploit has been disclosed publicly. Several sources...

Towards Explainable and Lightweight AI for Real-Time Cyber Threat Hunting in Edge Networks

As cyber threats continue to evolve, securing edge networks has become increasingly challenging due to their distributed nature and resource limitations. Many AI-driven threat detection systems rely on complex deep learning models, which, despite their high accuracy, suffer from two major...

DaiCuo 安全漏洞

DaiCuo DaiCuo is an adaptive backend management framework based on ThinkPHP, Bootstrap and Jquery by China-based DaiCuo. A security vulnerability exists in DaiCuo version 1.3.13, which stems from a cross-site scripting issue in the SEO Optimization Settings component...

Complexity of Post-Quantum Cryptography in Embedded Systems and Its Optimization Strategies

With the rapid advancements in quantum computing, traditional cryptographic schemes like Rivest-Shamir-Adleman RSA and elliptic curve cryptography ECC are becoming vulnerable, necessitating the development of quantum-resistant algorithms. The National Institute of Standards and Technology NIST ha...

Security Bulletin: IBM Engineering Lifecycle Optimization - Publishing could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted

Summary Software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a...