Self-Purification Mitigates Backdoors in Multimodal Diffusion Language Models

Multimodal Diffusion Language Models MDLMs have recently emerged as a competitive alternative to their autoregressive counterparts. Yet their vulnerability to backdoor attacks remains largely unexplored. In this work, we show that well-established data-poisoning pipelines can successfully implant...

EUVD-2023-48517

Malicious code in bioql PyPI...

Mask-GCG: Are All Tokens in Adversarial Suffixes Necessary for Jailbreak Attacks?

Jailbreak attacks on Large Language Models LLMs have demonstrated various successful methods whereby attackers manipulate models into generating harmful responses that they are designed to avoid. Among these, Greedy Coordinate Gradient GCG has emerged as a general and effective approach that...

CVE-2025-53677

Jenkins Xooa Plugin 0.0.7 and earlier does not mask the Xooa Deployment Token on the global configuration form, increasing the potential for attackers to observe and capture it...

CVE-2025-53674

Jenkins Sensedia Api Platform tools Plugin 1.0 does not mask the Sensedia API Manager integration token on the global configuration form, increasing the potential for attackers to observe and capture it...

PT-2025-28926 · Jenkins · Jenkins Sensedia Api Platform Tools Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Sensedia Api Platform Tools Plugin version 1.0 Description: The Jenkins Sensedia Api Platform Tools Plugin does not mask the Sensedia API Manager integration token on the global configuration form, potentially allowing attackers to...

CVE-2023-50777

Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier does not mask PaaSLane authentication tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

CVE-2023-44158

Sensitive information disclosure due to insufficient token field masking. The following products are affected: Acronis Cyber Protect 15 Linux, Windows before build 35979...

CVE-2023-44158

Sensitive information disclosure due to insufficient token field masking. The following products are affected: Acronis Cyber Protect 15 Linux, Windows before build 35979...

CVE-2023-44158

CVE-2023-44158 affects Acronis Cyber Protect 15 (Linux, Windows) prior to build 35979. The root cause is insufficient masking of the token field, leading to potential disclosure of sensitive information. The CVE entry indicates a high confidentiality impact but does not detail exploitability; exp...

PT-2023-5780 · Acronis · Acronis Cyber Protect 15 +1

Name of the Vulnerable Software and Affected Versions: Acronis Cyber Protect 15 versions prior to build 35979 Description: The issue is related to sensitive information disclosure due to insufficient token field masking. This could allow a remote attacker to gain unauthorized access to protected...

PT-2023-22760 · Hashicorp +1 · Hashicorp Consul +2

Name of the Vulnerable Software and Affected Versions: Jenkins Consul KV Builder Plugin versions 2.0.13 and earlier Description: The issue concerns the storage and display of the HashiCorp Consul ACL Token in the Jenkins Consul KV Builder Plugin. Specifically, the token is stored unencrypted in t...