279 matches found
EUVD-2016-8948
Malware in sbrugna...
EUVD-2021-2147
Malware in sbrugna...
EUVD-2019-7480
Malware in sbrugna...
EUVD-2022-1149
Malicious code in bioql PyPI...
EUVD-2022-25010
Malicious code in bioql PyPI...
Mapping Quantum Threats: An Engineering Inventory of Cryptographic Dependencies
The emergence of large-scale quantum computers, powered by algorithms like Shor's and Grover's, poses an existential threat to modern public-key cryptography. This vulnerability stems from the ability of these machines to efficiently solve the hard mathematical problems - such as integer...
Malicious code in crypto-primitives-ts (npm)
The package crypto-primitives-ts was found to contain malicious code...
MAL-2025-17735 Malicious code in crypto-primitives-ts (npm)
The package crypto-primitives-ts was found to contain malicious code...
MAL-2025-9263 Malicious code in @protos-team/frontend-primitives (npm)
The package @protos-team/frontend-primitives was found to contain malicious code...
Per-Element Secure Aggregation against Data Reconstruction Attacks in Federated Learning
Federated learning FL enables collaborative model training without sharing raw data, but individual model updates may still leak sensitive information. Secure aggregation SecAgg mitigates this risk by allowing the server to access only the sum of client updates, thereby concealing individual...
Exploring the Secondary Risks of Large Language Models
Ensuring the safety and alignment of Large Language Models is a significant challenge with their growing integration into critical applications and societal functions. While prior research has primarily focused on jailbreak attacks, less attention has been given to non-adversarial failures that...
Black-Box Crypto Is Useless for Pseudorandom Codes
A pseudorandom code is a keyed error-correction scheme with the property that any polynomial number of encodings appear random to any computationally bounded adversary. We show that the pseudorandomness of any code tolerating a constant rate of random errors cannot be based on black-box reduction...
MAL-2025-4613 Malicious code in rosetta-primitives (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 066c537cf24b296d35abde5f38191e4f60c82f7bd0583997251e70bdb2c21052 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in rosetta-primitives (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 066c537cf24b296d35abde5f38191e4f60c82f7bd0583997251e70bdb2c21052 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
A Hitchhiker'S Guide to Privacy-Preserving Cryptocurrencies: a Survey on Anonymity, Confidentiality, and Auditability
Cryptocurrencies and central bank digital currencies CBDCs are reshaping the monetary landscape, offering transparency and efficiency while raising critical concerns about user privacy and regulatory compliance. This survey provides a comprehensive and technically grounded overview of...
Understanding the Security Landscape of Embedded Non-Volatile Memories: a Comprehensive Survey
The modern semiconductor industry requires memory solutions that can keep pace with the high-speed demands of high-performance computing. Embedded non-volatile memories eNVMs address these requirements by offering faster access to stored data at an improved computational throughput and efficiency...
CRYPTONITE: Scalable Accelerator Design for Cryptographic Primitives and Algorithms
Cryptographic primitives, consisting of repetitive operations with different inputs, are typically implemented using straight-line C code due to traditional execution on CPUs. Computing these primitives is necessary for secure communication; thus, dedicated hardware accelerators are required in...
kernel: powercap: intel_rapl: Fix off by one in get_rpi()
In the Linux kernel, the following vulnerability has been resolved: powercap: intelrapl: Fix off by one in getrpi The rp-priv-rpi array is either rpimsr or rpitpmi which have NRRAPLPRIMITIVES number of elements. Thus the needs to be = to prevent an off by one access...
SysAid Server < 24.4.60 b16 Multiple Vulnerabilities
The version of SysAid Server installed on the remote host is prior to 24.4.60 b16. It is, therefore, affected multiple vulnerabilities, including the following: - SysAid On-Prem versions = 23.3.40 are vulnerable to an unauthenticated XML External Entity XXE vulnerability in the Checkin processing...
CVE-2025-2776
SysAid On-Prem versions = 23.3.40 are vulnerable to an unauthenticated XML External Entity XXE vulnerability in the Server URL processing functionality, allowing for administrator account takeover and file read primitives...