The Hacker News

⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More

Trivy backdoored, FBI buys location data, iOS DarkSword kit, WhatsApp usernames, Langflow RCE, Cisco FMC zero-day & critical ...

When Today's Network Encryption Becomes Tomorrow's Liability

Network encryption was designed for a world in which adversaries needed to break cryptography in real time to extract value.

Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...
IEEE

C-HIDE: A Steganographic Framework for Robust Data Hiding and Advanced Security Using Coverless Hybrid Image Encryption With AES and ECC

Abstract: Coverless image steganography conceals information without modifying the carrier image, addressing vulnerabilities in traditional methods. However, existing approaches often require ...
IEEE

PAEWS: Public-Key Authenticated Encryption With Wildcard Search Over Outsourced Encrypted Data

Abstract: Public-key Encryption with Keyword Search (PEKS) is a promising cryptographic mechanism that enables a semi-trusted cloud server to perform (on-demand) keyword searches over encrypted data ...
GitHub

HiddenLayer Databricks Model Scanner

HiddenLayer’s Model Scanner integrates with Databricks to automatically scan ML models for vulnerabilities. The autoscan installer that is packaged in this repo will install the necessary notebooks ...
Dark Reading

Attackers Use New Tool to Scan for React2Shell Exposure

New data suggests a cyber espionage group is laying the groundwork for attacks against major industries. The "React2Shell" vulnerability is already almost a few months old, but it's far from over. An ...