Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: comedi: Fixed the use of uninitialized data in insnrwemulatebits. For Comedi INSNREAD and INSNWRITE instructions on “digital” subdevices subdevice types COMEDISUBDDI, COMEDISUBDDO, and COMEDISUBDDIO, it is common for the subdevic...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Comedi: Fixed the initialization of data for instructions that write to sub-devices. It is known that some Comedi sub-device instruction handlers access data elements beyond the first insn-n elements in some cases. The doinsnioct...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: comedi: Make insnrwemulatebits handle insn-n samples. The insnrwemulatebits function is used as a default handler for INSNREAD instructions for sub-devices that have a handler for INSNBITS but not for INSNREAD. Similarly, it is...

APThreatHunter: An Automated Planning-Based Threat Hunting Framework

Cyber attacks threaten economic interests, critical infrastructure, and public health and safety. To counter this, entities adopt cyber threat hunting, a proactive approach that involves formulating hypotheses and searching for attack patterns within organisational networks. Automating cyber thre...

CVE-2025-61301

Denial-of-analysis in reporting/mongodb.py and reporting/jsondump.py in CAPEv2 commit 52e4b43, on 2025-05-17 allows attackers who can submit samples to cause incomplete or missing behavioral analysis reports by generating deeply nested or oversized behavior data that trigger MongoDB BSON limits o...

Injection, Attack and Erasure: Revocable Backdoor Attacks Via Machine Unlearning

Backdoor attacks pose a persistent security risk to deep neural networks DNNs due to their stealth and durability. While recent research has explored leveraging model unlearning mechanisms to enhance backdoor concealment, existing attack strategies still leave persistent traces that may be detect...

EUVD-2012-2770

Malware in sbrugna...

EUVD-2012-2772

Malware in sbrugna...

EUVD-2007-3944

Malware in sbrugna...

EUVD-2009-3966

Malware in sbrugna...

EUVD-2015-8844

Malware in sbrugna...

Adversarial-Resilient RF Fingerprinting: A CNN-GAN Framework for Rogue Transmitter Detection

Radio Frequency Fingerprinting RFF has evolved as an effective solution for authenticating devices by leveraging the unique imperfections in hardware components involved in the signal generation process. In this work, we propose a Convolutional Neural Network CNN based framework for detecting rog...

EUVD-2023-59899

Malicious code in bioql PyPI...

EUVD-2023-52100

Malicious code in bioql PyPI...

From threats to apology, hackers pull child data offline after public backlash

Last week we yelled at some “hackers” that threatened parents after stealing data from their children's nursery. This followed a BBC report that a group calling itself “Radiant” claimed to have stolen sensitive data related to around 8,000 children from nursery chain Kido, which operates in the U...

Hackers threaten parents: Get nursery to pay ransom or we leak your child’s data

Just when you think extortionists can’t sink any lower, along comes a lowlife that manages to surprise you. The BBC reported that a group calling itself "Radiant" claims to have stolen sensitive data related to around 8,000 children from nursery chain Kido, which operates in the UK, US, China, an...

RLCracker: Exposing the Vulnerability of LLM Watermarks with Adaptive RL Attacks

Large Language Models LLMs watermarking has shown promise in detecting AI-generated content and mitigating misuse, with prior work claiming robustness against paraphrasing and text editing. In this paper, we argue that existing evaluations are not sufficiently adversarial, obscuring critical...

CVE-2025-59801

In Artifex GhostXPS before 10.06.0, there is a stack-based buffer overflow in xpsunpredicttiff in xpstiff.c because the samplesperpixel value is not checked...

MalEval Android Malware Evaluation Framework

This repository contains the source code of MalEval, an evaluation framework for Android malware behavior auditing, focusing on explaining and substantiating malicious behaviors. The framework provides expert-verified reports, curated metadata, and model outputs to enable reproducible evaluation ...

Linux Distros Unpatched Vulnerability : CVE-2023-53290

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - samples/bpf: Fix fout leak in hbm's runbpfprog Fix fout being fopen'ed but then not subsequently fclose'd. In the affected branch, fout is otherwise going out o...