OESA-2025-1727 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix NULL deref in ntfs_update_mftmirr. If ntfs_fill_super wasn't called then sbi->sb will be equal to NULL. Code should check this ptr before dereferencing...
Robust Anomaly Detection in Network Traffic: Evaluating Machine Learning Models on CICIDS2017
Identifying suitable machine learning paradigms for intrusion detection remains critical for building effective and generalizable security solutions. In this study, we present a controlled comparison of four representative models - Multi-Layer Perceptron (MLP), 1D Convolutional Neural Network (CNN),...
Differentially Private Bilevel Optimization: Efficient Algorithms with Near-Optimal Rates
Whitepaper called Differentially Private Bilevel Optimization: Efficient Algorithms With Near-Optimal Rates...
From Promise to Peril: Rethinking Cybersecurity Red and Blue Teaming in the Age of LLMs
Large Language Models (LLMs) are set to reshape cybersecurity by augmenting red and blue team operations. Red teams can exploit LLMs to plan attacks, craft phishing content, simulate adversaries, and generate exploit code. Conversely, blue teams may deploy them for threat intelligence synthesis, ro...
FortiOS SSL-VPN 7.4.4 Insufficient Session Expiration / Cookie Reuse
An insufficient session expiration vulnerability in FortiOS SSL-VPN allows an attacker to reuse stale session cookies after logout, potentially leading to unauthorized access. The SVPNTMPCOOKIE remains valid even after the primary SVPNCOOKIE is invalidated during logout. Versions affected include...
Sharpening Kubernetes Audit Logs with Context Awareness
Kubernetes has emerged as the de facto orchestrator of microservices, providing scalability and extensibility to a highly dynamic environment. It builds an intricate and deeply connected system that requires extensive monitoring capabilities to be properly managed. To this account, K8s natively...
Exploit for CVE-2025-7503
Research on V380 CCTV IP Camera CVE-2025-7503 🔒 Summ...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Ncr Terminal_Handler
💼 Breaking Bank-Grade Software: My Public CVE Disclosures in N...
AirKeyboard iOS App 1.0.5 Remote Input Injection
The AirKeyboard iOS application version 1.0.5 exposes a WebSocket server on port 8888 which accepts arbitrary input injection messages from any client. No authentication or pairing process is required. This allows any attacker to type arbitrary keystrokes directly into the victim’s iOS device in...
Bhatt Conjectures: on Necessary-But-Not-Sufficient Benchmark Tautology for Human like Reasoning
The Bhatt Conjectures framework introduces rigorous, hierarchical benchmarks for evaluating AI reasoning and understanding, moving beyond pattern matching to assess representation invariance, robustness, and metacognitive self-awareness. The agentreasoning-sdk demonstrates practical implementatio...
ChineseHarm-Bench: a Chinese Harmful Content Detection Benchmark
Large language models (LLMs) have been increasingly applied to automated harmful content detection tasks, assisting moderators in identifying policy violations and improving the overall efficiency and accuracy of content review. However, existing resources for harmful content detection are...
Generate-Then-Verify: Reconstructing Data from Limited Published Statistics
Whitepaper called Generate-Then-Verify: Reconstructing Data From Limited Published Statistics...
OS Command Exec, Unix Command Shell, Reverse TCP (via Perl)
Execute an OS command from PHP. Creates an interactive shell via perl Module Options msf use payload/php/unix/cmd/reverseperl msf payloadreverseperl show actions ...actions... msf payloadreverseperl set ACTION msf payloadreverseperl show options ...show and set options... msf payloadreverseperl r...
OS Command Exec, Unix Command Shell, Bind SCTP (via socat)
Execute an OS command from PHP. Creates an interactive shell via socat Module Options msf use payload/php/unix/cmd/bindsocatsctp msf payloadbindsocatsctp show actions ...actions... msf payloadbindsocatsctp set ACTION msf payloadbindsocatsctp show options ...show and set options... msf...
OS Command Exec, Unix Command Shell, Bind TCP (via AWK)
Execute an OS command from PHP. Listen for a connection and spawn a command shell via GNU AWK Module Options msf use payload/php/unix/cmd/bindawk msf payloadbindawk show actions ...actions... msf payloadbindawk set ACTION msf payloadbindawk show options ...show and set options... msf payloadbinda...
Laravel Pulse 1.3.1 Arbitrary Code Injection
Laravel Pulse version 1.3.1 suffers from an arbitrary code injection vulnerability. !/usr/bin/env python3 Exploit Title: Laravel Pulse 1.3.1 - Arbitrary Code Injection Author: Mohammed Idrees Banyamer @banyamersecurity GitHub: https://github.com/mbanyamer Date: 2025-06-06 Tested on: Laravel Pulse...
Mind the Gap: Revealing Security Barriers through Situational Awareness of Small and Medium Business Key Decision-Makers
Key decision-makers in small and medium businesses (SMBs) often lack the awareness and knowledge to implement cybersecurity measures effectively. To gain a deeper understanding of how SMB executives navigate cybersecurity decision-making, we deployed a mixed-method approach, conducting...
Food-Ordering-System-in-PHP-CodeIgniter-
It is an offensive tool for web application exploitation. This r...
Pixel-Sensitive and Robust Steganography Based on Polar Codes
Steganography is an information hiding technique for covert communication. The core issue in steganography design is the rate-distortion coding problem. Polar codes, which have been proven to achieve the rate-distortion bound for any binary symmetric source, are utilized to design a steganographi...