EUVD-2023-33680
Malicious code in bioql PyPI...
Mask-GCG: Are All Tokens in Adversarial Suffixes Necessary for Jailbreak Attacks?
Jailbreak attacks on Large Language Models (LLMs) have demonstrated various successful methods whereby attackers manipulate models into generating harmful responses that they are designed to avoid. Among these, Greedy Coordinate Gradient (GCG) has emerged as a general and effective approach that...
Linux Distros Unpatched Vulnerability: CVE-2025-22019
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bcachefs: bch2_ioctl_subvolume_destroy() fixes bch2_evict_subvolume_inodes() was getting stuck - due to incorrectly pruning the dcache. Also, fix missing permissions...
Linux Distros Unpatched Vulnerability: CVE-2022-49838
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: clear out_curr if all frag chunks of current msg are pruned A crash was reported by Zhen Chen: list_del corruption, ffffa035ddf01c18->next is NULL WARNING:...
OESA-2025-1877 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: bpf: Do mark_chain_precision for ARG_CONST_ALLOC_SIZE_OR_ZERO Precision markers need to be propagated whenever we have an ARG_CONST_* style argument, as the verifier canno...
OESA-2025-1876 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: bpf: Do mark_chain_precision for ARG_CONST_ALLOC_SIZE_OR_ZERO Precision markers need to be propagated whenever we have an ARG_CONST_* style argument, as the verifier canno...
CompLeak: Deep Learning Model Compression Exacerbates Privacy Leakage
Model compression is crucial for minimizing memory storage and accelerating inference in deep learning (DL) models, including recent foundation models like large language models (LLMs). Users can access different compressed model versions according to their resources and budget. However, while existi...
DESIGN: Encrypted GNN Inference Via Server-Side Input Graph Pruning
Graph Neural Networks (GNNs) have achieved state-of-the-art performance in various graph-based learning tasks. However, enabling privacy-preserving GNNs in encrypted domains, such as under Fully Homomorphic Encryption (FHE), typically incurs substantial computational overhead, rendering real-time and...
S-Leak: Leakage-Abuse Attack against Efficient Conjunctive SSE Via S-Term Leakage
Conjunctive Searchable Symmetric Encryption (CSSE) enables secure conjunctive searches over encrypted data. While leakage-abuse attacks (LAAs) against single-keyword SSE have been extensively studied, their extension to conjunctive queries faces a critical challenge: the combinatorial explosion of...
LingoLoop Attack: Trapping MLLMs via Linguistic Context and State Entrapment into Endless Loops
Multimodal Large Language Models (MLLMs) have shown great promise but require substantial computational resources during inference. Attackers can exploit this by inducing excessive output, leading to resource exhaustion and service degradation. Prior energy-latency attacks aim to increase generatio...
DEBIAN-CVE-2022-49961
In the Linux kernel, the following vulnerability has been resolved: bpf: Do mark_chain_precision for ARG_CONST_ALLOC_SIZE_OR_ZERO Precision markers need to be propagated whenever we have an ARG_CONST_* style argument, as the verifier cannot consider imprecise scalars to be equivalent for the purposes of...
Dual-Priv Pruning: Efficient Differential Private Fine-Tuning in Multimodal Large Language Models
Differential Privacy (DP) is a widely adopted technique, valued for its effectiveness in protecting the privacy of task-specific datasets, making it a critical tool for large language models. However, its effectiveness in Multimodal Large Language Models (MLLMs) remains uncertain. Applying Differenti...
FedShield-LLM: a Secure and Scalable Federated Fine-Tuned Large Language Model
Federated Learning (FL) offers a decentralized framework for training and fine-tuning Large Language Models (LLMs) by leveraging computational resources across organizations while keeping sensitive data on local devices. It addresses privacy and security concerns while navigating challenges associate...
LPASS: Linear Probes As Stepping Stones for Vulnerability Detection Using Compressed LLMs
Large Language Models (LLMs) are being extensively used for cybersecurity purposes. One of them is the detection of vulnerable code. For the sake of efficiency and effectiveness, compression and fine-tuning techniques are being developed, respectively. However, they involve spending substantial...
Efficient Privacy-Preserving Cross-Silo Federated Learning with Multi-Key Homomorphic Encryption
Federated Learning (FL) is susceptible to privacy attacks, such as data reconstruction attacks, in which a semi-honest server or a malicious client infers information about other clients' datasets from their model updates or gradients. To enhance the privacy of FL, recent studies combined Multi-Key...
Adaptive Pruning of Deep Neural Networks for Resource-Aware Embedded Intrusion Detection on the Edge
Artificial neural network pruning is a method in which artificial neural network sizes can be reduced while attempting to preserve the predicting capabilities of the network. This is done to make the model smaller or faster during inference time. In this work we analyze the ability of a selection...
Nosy Layers, Noisy Fixes: Tackling DRAs in Federated Learning Systems Using Explainable AI
Federated Learning (FL) has emerged as a powerful paradigm for collaborative model training while keeping client data decentralized and private. However, it is vulnerable to Data Reconstruction Attacks (DRA) such as "LoKI" and "Robbing the Fed", where malicious models sent from the server to the clie...
SUSE CVE-2022-49838
In the Linux kernel, the following vulnerability has been resolved: sctp: clear out_curr if all frag chunks of current msg are pruned A crash was reported by Zhen Chen: list_del corruption, ffffa035ddf01c18->next is NULL WARNING: CPU: 1 PID: 250682 at lib/list_debug.c:49 __list_del_entry_valid+0x59/0xe0...
Sponge Attacks on Sensing AI: Energy-Latency Vulnerabilities and Defense Via Model Pruning
Recent studies have shown that sponge attacks can significantly increase the energy consumption and inference latency of deep neural networks (DNNs). However, prior work has focused primarily on computer vision and natural language processing tasks, overlooking the growing use of lightweight AI...
Backdoor Attacks against Patch-Based Mixture of Experts
As Deep Neural Networks (DNNs) continue to require larger amounts of data and computational power, Mixture of Experts (MoE) models have become a popular choice to reduce computational complexity. This popularity increases the importance of considering the security of MoE architectures. Unfortunately,...