aisecwatch.com
DashboardVulnerabilitiesNewsResearchArchiveStatsDatasetFor devs
Subscribe
aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.

Navigation

VulnerabilitiesNewsResearchDigest ArchiveNewsletter ArchiveSubscribeData SourcesStatisticsDatasetAPIIntegrationsWidgetRSS Feed

Maintained by

Truong (Jack) Luu

Information Systems Researcher

Browse All

All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.

to
Export CSV
6442 items

L-VAKMC: Lightweight Authentication and Dynamic Key Agreement for VANET Multi-Entity Communications

inforesearchPeer-Reviewed
security
Dec 17, 2025

This paper presents L-VAKMC, a lightweight authentication protocol designed for VANETs (vehicular ad hoc networks, where cars communicate wirelessly with each other and roadside infrastructure). The protocol uses elliptic-curve cryptography (a mathematical method for secure communication), hash-based commitments, and ephemeral key exchange (temporary security keys that change frequently) to securely authenticate different types of communications in vehicular systems while keeping computational demands low. The authors tested the protocol and found it resists common attacks and works efficiently in real-time vehicle environments.

IEEE Xplore (Security & AI Journals)

Model Steganography During Model Compression

inforesearchPeer-Reviewed
security

ChargerWhisper: Acoustic Side-Channel Attack Exploiting Fast Charger

inforesearchPeer-Reviewed
security

Spurious Local Minima Provably Exist for Deep CNNs: Theory and Application

inforesearchPeer-Reviewed
research

CVE-2025-68263: In the Linux kernel, the following vulnerability has been resolved: ksmbd: ipc: fix use-after-free in ipc_msg_send_requ

infovulnerability
security
Dec 16, 2025
CVE-2025-68263

A use-after-free vulnerability (UAF, a bug where code accesses memory that has already been freed) was found in the Linux kernel's ksmbd component. The problem occurred when ipc_msg_send_request() freed memory while handle_response() was simultaneously trying to write data to it, causing a crash. This happened because the two functions didn't use the same lock (ipc_msg_table_lock, a mechanism that prevents multiple tasks from accessing shared data at the same time) when accessing shared data.

Fully Perturbed Self-Ensemble Framework Using Cascaded Parallel CNN-Transformer for Semisupervised Medical Image Segmentation

inforesearchPeer-Reviewed
research

Thinking Outside The Box [dusted off draft from 2017]

infonews
security
Dec 16, 2025

This post describes a vulnerability in VirtualBox's NAT (network address translation, a mode that makes VM traffic look like it comes from the host computer) networking code, specifically in how it manages memory for packet data using a custom zone allocator. The vulnerability exists because safety checks that verify memory integrity use Assert() statements, which are disabled in the standard release builds of VirtualBox that users download, allowing potential exploitation.

Windows Exploitation Techniques: Winning Race Conditions with Path Lookups

infonews
security
Dec 16, 2025

This article explains race condition vulnerabilities (security gaps that occur when a system state changes between a security check and a resource access) in Windows and describes techniques to expand the narrow time window needed to exploit them. The author focuses on slowing down the Object Manager Namespace lookup process (the kernel system that finds named objects like files and events in Windows NT) by manipulating Symbolic Links (redirects in the object naming system) to create larger exploitation windows.

MPS-Fuzz: An Enhanced Fine-Grained Fuzzing Based on Units With Multiple Inputs and Outputs

inforesearchPeer-Reviewed
security

Fully Private Shortest Path Computation With Single-Round Interaction

inforesearchPeer-Reviewed
research

Trap: Mitigating Poisoning-Based Backdoor Attacks by Treating Poison With Poison

inforesearchPeer-Reviewed
security

FLEX: Flexible Linked EXecution for Real-Time Embedded Hotpatching

inforesearchPeer-Reviewed
research

MDA-SMuSha: An Efficient and Flexible Multi-Dimensional Data Aggregation Scheme for Privacy-Preservation in Smart Grids

inforesearchPeer-Reviewed
security

PDRU: A Privacy-Preserving Dual Reputation Updating Scheme With Multi-Dimensional Feedback Scores in Vehicle Platoon

inforesearchPeer-Reviewed
research

Dynamic Attention Analysis for Backdoor Detection in Text-to-Image Diffusion Models

inforesearchPeer-Reviewed
security

CVE-2025-67819: An issue was discovered in Weaviate OSS before 1.33.4. Due to a lack of validation of the fileName field in the transfer

mediumvulnerability
security
Dec 12, 2025
CVE-2025-67819

Weaviate OSS (open-source software) versions before 1.33.4 have a vulnerability where the fileName field is not properly validated in the transfer logic. An attacker who can call the GetFile method while a shard (a part of a database) is paused and the FileReplicationService (the system that copies files) is accessible could read any files that the service has permission to access.

CVE-2025-67818: An issue was discovered in Weaviate OSS before 1.33.4. An attacker with access to insert data into the database can craf

highvulnerability
security
Dec 12, 2025
CVE-2025-67818

Weaviate OSS (an open-source vector database) before version 1.33.4 has a path traversal vulnerability (a bug where an attacker can access files outside the intended directory using tricks like ../../..) that allows attackers with database write access to escape the backup restore location and create or overwrite files elsewhere on the system. This could let attackers modify critical files within the application's permissions.

Exploring the Agentic Metaverse’s Potential for Transforming Cybersecurity Workforce Development

inforesearchPeer-Reviewed
research

Special Issue Editorial: Brave New Work and the Future of Computing Professionals (Part 1)

inforesearchPeer-Reviewed
research

AS-Level Topology Inference for Path-Aware Networking

inforesearchPeer-Reviewed
security
Previous228 / 323Next
research
Dec 17, 2025

Researchers have developed a steganographic method (hiding secret data inside another medium) that embeds hidden messages into compressed neural network models (AI systems made smaller through techniques like quantization, pruning, or distillation). The approach allows a receiver with the correct extraction network to recover the hidden data while ordinary users remain unaware it exists, and the method maintains the model's performance in size, speed, and accuracy.

IEEE Xplore (Security & AI Journals)
Dec 17, 2025

ChargerWhisper is a side-channel attack (a method that steals information by observing physical properties rather than breaking encryption) that uses high-frequency inaudible sounds produced by fast chargers to infer private user information. The attack works because electronic components in chargers vibrate at frequencies correlated with power output, which changes based on what activities users perform on their devices, allowing attackers to identify websites being visited or unlock PINs through acoustic analysis.

IEEE Xplore (Security & AI Journals)
Dec 17, 2025

Researchers proved that spurious local minima (points where a neural network stops improving, but isn't at the best solution) definitely exist in deep CNNs (convolutional neural networks, which are commonly used for image recognition). They created a method to construct these problematic points mathematically and designed a new optimization algorithm (a step-by-step process for improving the network) that can escape from them, showing better accuracy than standard training methods like SGD or Adam on image datasets.

Fix: The source proposes a deterministic optimization method to escape local minima that is applicable to CNNs, ResNets, MLPs, and transformers. The authors report that experimental results on CIFAR-10, CIFAR-100, and ImageNet-1k datasets show their optimization method outperforms SGD or Adam in accuracy (by 0.27% on average) consistently across all tested architectures and datasets.

IEEE Xplore (Security & AI Journals)

Fix: The fix involves three changes: (1) Taking ipc_msg_table_lock in ipc_msg_send_request() while validating entry->response, freeing it when invalid, and removing the entry from ipc_msg_table, (2) Returning the final entry->response pointer to the caller only after the hash entry is removed under the lock, and (3) Returning NULL in the error path to preserve the original API semantics. This ensures all accesses to entry->response are protected by the same lock, eliminating the race condition.

NVD/CVE Database
Dec 16, 2025

This paper addresses challenges in semisupervised medical image segmentation (using AI to identify structures in medical images when only some training data is labeled) by proposing FPSE, a framework that combines CNN (convolutional neural networks, which process images as grids of pixels) and transformer networks (which use attention mechanisms to focus on relevant parts of input). The key innovation is a "fully perturbed consistency learning" strategy that applies multiple types of perturbations (variations, like data transformations and feature modifications) to better learn from unlabeled images, while also using transformers on shallow features from CNNs to avoid needing excessive labeled data.

IEEE Xplore (Security & AI Journals)
Google Project Zero
Google Project Zero
Dec 15, 2025

MPS-Fuzz is a new fuzzing technique (a method for finding bugs by automatically testing software with many random inputs) that improves upon existing approaches by using a better way to track which parts of code have been tested. The technique addresses problems like too many similar test cases and collision errors (when different code paths incorrectly get marked as the same) by organizing code into units called MPS (multiple predecessors and successors, which are basic blocks with multiple entry and exit points) and using an extra tracking system. Testing showed MPS-Fuzz found 25.7% more bugs than the standard AFL fuzzer and even discovered a previously unknown vulnerability in real software.

IEEE Xplore (Security & AI Journals)
Dec 15, 2025

This paper presents Srchpa, a privacy-preserving method for computing the shortest path (the most efficient route between two locations) between a user and a destination. Unlike traditional navigation systems where users must share their location with a server, Srchpa protects both the user's location data and the server's route information while requiring only a single round of communication (one back-and-forth exchange) instead of multiple interactions. The scheme is designed to work efficiently even on resource-limited devices like smartphones.

IEEE Xplore (Security & AI Journals)
research
Dec 15, 2025

This research addresses backdoor attacks, where poisoned training data (maliciously altered samples inserted into a dataset) causes neural networks to behave incorrectly on specific inputs. The authors propose a defense method called Trap that detects poisoned samples early in training by recognizing they cluster separately from legitimate data, then removes the backdoor by retraining part of the model on relabeled poisoned samples, achieving very high attack detection rates with minimal accuracy loss.

Fix: The paper proposes detecting poisoned samples during early training stages and removing the backdoor by retraining the classifier part of the model on relabeled poisoned samples. The authors report their method reduced average attack success rate to 0.07% while only decreasing average accuracy by 0.33% across twelve attacks on four datasets.

IEEE Xplore (Security & AI Journals)
Dec 15, 2025

FLEX (Flexible Linked EXecution) is a hotpatching technique that allows embedded systems to receive software updates without shutting down, by redirecting all function calls and variable accesses through a compile-time generated Control Flow Table. Unlike older approaches, FLEX works on any hardware, supports many patches at once, and introduces only about 11% execution overhead while using 17% more memory storage.

Fix: The source describes FLEX itself as the solution: it uses a 'relaxed consistency state synchronization mechanism to allow for gradual migration of program state, resolves all symbols at compile time into CFT (Control Flow Table) indirections, applies updates via a double-buffered pointer swap to a new CFT, and a XIP (execute-in-place) compatible process that guarantees only a short, bounded pause time regardless of patch complexity.'

IEEE Xplore (Security & AI Journals)
Dec 15, 2025

Smart meters in electrical grids collect detailed energy usage data that can reveal private information about users, but protecting this data while combining readings from multiple meters requires heavy computation that strains devices with limited resources. Researchers developed MDA-SMuSha, a scheme that uses Shamir's multi-secret sharing (a cryptographic method that splits secrets among multiple parties) and Paillier encryption (a technique allowing calculations on encrypted data without decrypting it) to let smart meters efficiently protect and aggregate their multi-dimensional energy data while still allowing a control center to request statistics flexibly. Testing shows this approach uses less computation than existing privacy-protection methods while maintaining security, authenticity, data integrity, and fault-tolerance (the ability to continue working even if some components fail).

IEEE Xplore (Security & AI Journals)
Dec 15, 2025

Vehicle platooning (where multiple vehicles travel together in formation) needs to assess whether the lead vehicle is reliable, which is done through reputation management systems. Existing reputation systems have weaknesses in security, privacy, and use overly simple evaluation methods. This paper proposes PDRU, a new reputation system that uses dual reputation tracking (a backup system to prevent single-point failures), evaluates the lead vehicle across multiple dimensions, and keeps vehicle identities and reputation scores private.

IEEE Xplore (Security & AI Journals)
research
Dec 15, 2025

Researchers found that text-to-image diffusion models (AI systems that generate images from text descriptions) can be attacked using backdoors, which are hidden triggers in text that make the model produce unwanted outputs. This paper proposes Dynamic Attention Analysis (DAA), a new detection method that tracks how the model's attention mechanisms (the parts of the AI that focus on relevant information) change over time, since backdoor attacks create different patterns than normal operation. The method achieved strong detection results, correctly identifying backdoored samples about 79% of the time.

IEEE Xplore (Security & AI Journals)

Fix: Upgrade to Weaviate OSS version 1.33.4 or later.

NVD/CVE Database

Fix: Upgrade Weaviate OSS to version 1.33.4 or later.

NVD/CVE Database
policy
Dec 12, 2025

Researchers studied an AI-driven metaverse prototype (a 3D virtual environment enhanced with multi-agent systems, or software that can act independently) designed to train cybersecurity professionals, gathering feedback from 53 experts. The study found that this technology could create personalized, scalable training experiences but identified implementation challenges and proposed six recommendations for organizations considering adopting it.

AIS eLibrary (Journal of AIS, CAIS, etc.)
Dec 12, 2025

This editorial introduces a special issue examining how evolving information technology and society will shape the future of work, jobs, and professional roles. It calls for research that projects multiple possible futures, evaluates which outcomes are most valuable, and identifies steps organizations can take now to work toward their preferred future states.

AIS eLibrary (Journal of AIS, CAIS, etc.)
Dec 12, 2025

This paper addresses how to map out the structure of autonomous systems (ASes, which are large networks controlled by single organizations) using path identifiers in path-aware networking (PAN, a system where packets carry information about which networks they travel through). The researchers propose an algorithm called AEC (Alternating Expanding and Checking) that reconstructs the AS-level topology by examining these path identifiers in packets, achieving 99.6% accuracy in tests.

IEEE Xplore (Security & AI Journals)