129 matches found
How To Browse Faster and Get More Done Using Adapt Browser
As web browsers evolve into all-purpose platforms, performance and productivity often suffer. Feature overload, excessive background processes, and fragmented workflows can slow down browsing sessions and introduce unnecessary friction, especially for users who rely on the browser as a primary wo...
Post-Quantum Cryptography in the 5G Core
In this work, the conventional cryptographic algorithms used in the 5G Core are replaced with post-quantum alternatives and the practical impact of this transition is evaluated. Using a simulation environment, we model the registration and deregistration of varying numbers of user equipments UEs...
EUVD-2024-26380
In python-jose 3.3.0 specifically jwe.decrypt, a vulnerability allows an attacker to cause a Denial-of-Service DoS condition by crafting a malicious JSON Web Encryption JWE token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant...
Linux Distros Unpatched Vulnerability : CVE-2025-66471
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed...
EBPF-PATROL: Protective Agent for Threat Recognition and Overreach Limitation Using EBPF in Containerized and Virtualized Environments
With the increasing use and adoption of cloud and cloud-native computing, the underlying technologies i.e., containerization and virtualization have become foundational. However, strict isolation and maintaining runtime security in these environments has become increasingly challenging. Existing...
kernel: x86/vmscape: Add conditional IBPB mitigation
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...
Securing AI Agent Execution
Large Language Models LLMs have evolved into AI agents that interact with external tools and environments to perform complex tasks. The Model Context Protocol MCP has become the de facto standard for connecting agents with such resources, but security has lagged behind: thousands of MCP servers...
Countermind: A Multi-Layered Security Architecture for Large Language Models
The security of Large Language Model LLM applications is fundamentally challenged by "form-first" attacks like prompt injection and jailbreaking, where malicious instructions are embedded within user inputs. Conventional defenses, which rely on post hoc output filtering, are often brittle and fai...
EUVD-2022-44897
Malicious code in bioql PyPI...
A Lightweight Federated Learning Approach for Privacy-Preserving Botnet Detection in IoT
The rapid growth of the Internet of Things IoT has expanded opportunities for innovation but also increased exposure to botnet-driven cyberattacks. Conventional detection methods often struggle with scalability, privacy, and adaptability in resource-constrained IoT environments. To address these...
SoK: Systematic Analysis of Adversarial Threats against Deep Learning Approaches for Autonomous Anomaly Detection Systems in SDN-IoT Networks
Integrating SDN and the IoT enhances network control and flexibility. DL-based AAD systems improve security by enabling real-time threat detection in SDN-IoT networks. However, these systems remain vulnerable to adversarial attacks that manipulate input data or exploit model weaknesses,...
SandCell: Sandboxing Rust beyond Unsafe Code
Rust is a modern systems programming language that ensures memory safety by enforcing ownership and borrowing rules at compile time. While the unsafe keyword allows programmers to bypass these restrictions, it introduces significant risks. Various approaches for isolating unsafe code to protect...
Multi-Channel Secure Communication Framework for Wireless IoT (MCSC-WoT): Enhancing Security in Internet of Things
In modern smart systems, the convergence of the Internet of Things IoT and Wireless of Things WoT have been revolutionized by offering a broad level of wireless connectivity and communication among various devices. Hitherto, this greater interconnectivity poses important security problems,...
Revisiting Third-Party Library Detection: a Ground Truth Dataset and Its Implications across Security Tasks
Accurate detection of third-party libraries TPLs is fundamental to Android security, supporting vulnerability tracking, malware detection, and supply chain auditing. Despite many proposed tools, their real-world effectiveness remains unclear.We present the first large-scale empirical study of ten...
NodeShield: Runtime Enforcement of Security-Enhanced SBOMs for Node.Js
The software supply chain is an increasingly common attack vector for malicious actors. The Node.js ecosystem has been subject to a wide array of attacks, likely due to its size and prevalence. To counter such attacks, the research community and practitioners have proposed a range of static and...
CAN Networks Security in Smart Grids Communication Technologies
The rapid evolution of smart grids requires effective communication protocols to transfer data reliably and securely. Controller Area Network CAN is one of the most recognized protocols that offer reliable data transmission in smart grids due to its robustness, real-time capabilities, and...
Obfuscated Quantum and Post-Quantum Cryptography
In this work, we present an experimental deployment of a new design for combined quantum key distribution QKD and post-quantum cryptography PQC. Novel to our system is the dynamic obfuscation of the QKD-PQC sequence of operations, the number of operations, and parameters related to the operations...
Secure Development of a Hooking-Based Deception Framework against Keylogging Techniques
Keyloggers remain a serious threat in modern cybersecurity, silently capturing user keystrokes to steal credentials and sensitive information. Traditional defenses focus mainly on detection and removal, which can halt malicious activity but do little to engage or mislead adversaries. In this pape...
Per-Element Secure Aggregation against Data Reconstruction Attacks in Federated Learning
Federated learning FL enables collaborative model training without sharing raw data, but individual model updates may still leak sensitive information. Secure aggregation SecAgg mitigates this risk by allowing the server to access only the sum of client updates, thereby concealing individual...
SenseCrypt: Sensitivity-Guided Selective Homomorphic Encryption for Joint Federated Learning in Cross-Device Scenarios
Homomorphic Encryption HE prevails in securing Federated Learning FL, but suffers from high overhead and adaptation cost. Selective HE methods, which partially encrypt model parameters by a global mask, are expected to protect privacy with reduced overhead and easy adaptation. However, in...