414 matches found
EUVD-2021-2577
Malware in sbrugna...
EUVD-2022-30348
Malicious code in bioql PyPI...
EUVD-2023-45639
Malicious code in bioql PyPI...
EUVD-2024-2041
Malicious code in bioql PyPI...
EUVD-2024-2020
Malicious code in bioql PyPI...
EUVD-2024-1888
Malicious code in bioql PyPI...
Adaptive Deception Framework with Behavioral Analysis for Enhanced Cybersecurity Defense
This paper presents CADL Cognitive-Adaptive Deception Layer, an adaptive deception framework achieving 99.88% detection rate with 0.13% false positive rate on the CICIDS2017 dataset. The framework employs ensemble machine learning Random Forest, XGBoost, Neural Networks combined with behavioral...
PT-2026-3235
Apache bRPC and Affected Versions Apache bRPC versions prior to 1.15.0 Description Apache bRPC contains a remote command injection flaw in the heap profiler built-in service. The /pprof/heap endpoint does not properly validate the extra options parameter, allowing attackers to execute arbitrary...
CVE-2025-39829 trace/fgraph: Fix the warning caused by missing unregister notifier
In the Linux kernel, the following vulnerability has been resolved: trace/fgraph: Fix the warning caused by missing unregister notifier This warning was triggered during testing on v6.16: notifier callback ftracesuspendnotifiercall already registered WARNING: CPU: 2 PID: 86 at kernel/notifier.c:2...
This Week in Spring - September 16th, 2025
Hi, Spring fans! Welcome to another extra special installment of This Week in Spring , wherein we celebrate a very auspicious day indeed: the release of Java 25 and GraalVM 25! That's right: an incredible new iteration of the JVM has just dropped and with it come a ton of features! Let's go throu...
Exploiting Timing Side-Channels in Quantum Circuits Simulation Via ML-Based Methods
As quantum computing advances, quantum circuit simulators serve as critical tools to bridge the current gap caused by limited quantum hardware availability. These simulators are typically deployed on cloud platforms, where users submit proprietary circuit designs for simulation. In this work, we...
An Unsupervised Learning Approach for a Reliable Profiling of Cyber Threat Actors Reported Globally Based on Complete Contextual Information of Cyber Attacks
Cyber attacks are rapidly increasing with the advancement of technology and there is no protection for our information. To prevent future cyberattacks it is critical to promptly recognize cyberattacks and establish strong defense mechanisms against them. To respond to cybersecurity threats...
Side-Channel Inference of User Activities in AR/VR Using GPU Profiling
Over the past decade, AR/VR devices have drastically changed how we interact with the digital world. Users often share sensitive information, such as their location, browsing history, and even financial data, within third-party apps installed on these devices, assuming a secure environment...
Linux Distros Unpatched Vulnerability : CVE-2019-11248
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port...
Linux Distros Unpatched Vulnerability : CVE-2020-11741
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users with active profiling to obtain sensitive information about other guests, cau...
Picklescan is missing detection when calling built-in python cProfile.run
Summary Using cProfile.run function, which is a built-in python library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to cProfile.run function in reduce method Then when the victim after checkin...
Study Reveals TikTok, Alibaba, Temu Collect Extensive User Data in America
Incogni finds top foreign apps downloaded in the US harvest names, locations, and emails, sharing them with third parties for ads and profiling...
Towards Scalable and Interpretable Mobile App Risk Analysis Via Large Language Models
Mobile application marketplaces are responsible for vetting apps to identify and mitigate security risks. Current vetting processes are labor-intensive, relying on manual analysis by security professionals aided by semi-automated tools. To address this inefficiency, we propose Mars, a system that...
CVE-2025-38517
In the Linux kernel, the following vulnerability has been resolved: lib/alloctag: do not acquire non-existent lock in alloctagtopusers alloctagtopusers attempts to lock alloctagcttype-modlock even when the alloctagcttype is not allocated because: 1 alloc tagging is disabled because mem profiling ...
CVE-2025-38517
In the Linux kernel, the following vulnerability has been resolved: lib/alloctag: do not acquire non-existent lock in alloctagtopusers alloctagtopusers attempts to lock alloctagcttype-modlock even when the alloctagcttype is not allocated because: 1 alloc tagging is disabled because mem profiling ...