aisecwatch.com
DashboardVulnerabilitiesNewsResearchArchiveStatsDatasetFor devs
Subscribe
aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.

Navigation

VulnerabilitiesNewsResearchDigest ArchiveNewsletter ArchiveSubscribeData SourcesStatisticsDatasetAPIIntegrationsWidgetRSS Feed

Maintained by

Truong (Jack) Luu

Information Systems Researcher

Browse All

All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.

to
Export CSV
6442 items

Blockchain-Enhanced Verifiable Secure Inference for Regulatable Privacy-Preserving Transactions

inforesearchPeer-Reviewed
securityresearch
Dec 10, 2025

This research proposes a new system that combines blockchain (a decentralized ledger that records transactions) with zero-knowledge proofs (cryptographic methods that prove something is true without revealing the underlying data) to make AI model inference more trustworthy and private. The system verifies both where the input data comes from and where the AI model weights (the learned parameters that control how an AI makes decisions) come from, while keeping user information confidential. The authors demonstrate their approach with a privacy-preserving transaction system that can detect suspicious activity without exposing private data.

IEEE Xplore (Security & AI Journals)

Toward Understanding the Tradeoff Between Privacy Preservation and Byzantine-Robustness in Decentralized Learning

inforesearchPeer-Reviewed
security

Fairness-Aware Differential Privacy: A Fairly Proportional Noise Mechanism

inforesearchPeer-Reviewed
research

OWASP Top 10 for Agentic Applications – The Benchmark for Agentic Security in the Age of Autonomous AI

inforesearchIndustry
security

OWASP GenAI Security Project Releases Top 10 Risks and Mitigations for Agentic AI Security

inforesearchIndustry
safety

CVE-2025-33213: NVIDIA Merlin Transformers4Rec for Linux contains a vulnerability in the Trainer component, where a user could cause a d

highvulnerability
security
Dec 9, 2025
CVE-2025-33213

NVIDIA Merlin Transformers4Rec for Linux has a vulnerability in its Trainer component involving deserialization of untrusted data (treating unverified data as legitimate code or objects). A user exploiting this flaw could potentially run arbitrary code, crash the system (denial of service), steal information, or modify data.

CVE-2022-50661: In the Linux kernel, the following vulnerability has been resolved: seccomp: Move copy_seccomp() to no failure path. O

infovulnerability
security
Dec 9, 2025
CVE-2022-50661

A memory leak vulnerability exists in the Linux kernel's seccomp (secure computing, a security feature that restricts what system calls a process can make) implementation where seccomp filter objects are not properly freed when a process creation fails after a signal interrupts it. The fix moves the copy_seccomp() function to execute after a signal check and adds a warning in free_task() to ensure filters are properly released during process cleanup.

CVE-2025-64671: Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized at

highvulnerability
security
Dec 9, 2025
CVE-2025-64671

CVE-2025-64671 is a command injection vulnerability (a flaw where an attacker can inject malicious commands into input that gets executed) in Copilot that allows an unauthorized attacker to execute code locally on a system. The vulnerability stems from improper handling of special characters in commands, and Microsoft has documented it as a known issue.

CVE-2025-62994: Insertion of Sensitive Information Into Sent Data vulnerability in WP Messiah WP AI CoPilot ai-co-pilot-for-wp allows Re

mediumvulnerability
security
Dec 9, 2025
CVE-2025-62994

CVE-2025-62994 is a vulnerability in WP AI CoPilot (a WordPress plugin that adds AI assistance to WordPress sites) version 1.2.7 and earlier, where sensitive information gets accidentally included when the plugin sends data. This allows attackers to retrieve embedded sensitive data that shouldn't be exposed.

HP-OTP: One-Time Password Scheme Based on Hardened Password

inforesearchPeer-Reviewed
security

AdaptiveShield: Dynamic Defense Against Decentralized Federated Learning Poisoning Attacks

inforesearchPeer-Reviewed
security

Verifiable and Controllable Data Sharing With Compliance Checking in Cloud Computing

inforesearchPeer-Reviewed
security

An Efficient Multi-Level and Cross-Domain Conditional Anonymous Authentication Scheme in V2G

inforesearchPeer-Reviewed
security

Warning-Graph: An Early Warning Framework for APT Attacks Based on Threat Intelligence Modeling

inforesearchPeer-Reviewed
research

Enhancing the Security of Large Character Set CAPTCHAs Using Transferable Adversarial Examples

inforesearchPeer-Reviewed
research

Enhancing EEG Signal-Based Emotion Recognition With Synthetic Data: Diffusion Model Approach

inforesearchPeer-Reviewed
research

Contrast Duality of Adversarial Learningin Network Intrusion: A Review

inforesearchPeer-Reviewed
research

Reinforcement Learning-Enhanced Dynamic LSTM Training With Meta-Feature Extraction for Small Time-Series VOC Datasets in CKD Detection

inforesearchPeer-Reviewed
research

SFedCA: Credit Assignment-Based Active Client Selection Strategy for Spiking Federated Learning

inforesearchPeer-Reviewed
research

A Unified Decision Rule for Generalized Out-of-Distribution Detection

inforesearchPeer-Reviewed
research
Previous230 / 323Next
research
Dec 10, 2025

This research paper studies the challenge of balancing two competing goals in decentralized learning (where multiple computers train an AI model together without a central server): keeping each computer's data private while protecting against Byzantine attacks (when some computers deliberately send false information to sabotage the learning process). The authors found that using Gaussian noise (random mathematical noise added to messages) to protect privacy actually makes it harder to defend against Byzantine attacks, creating a fundamental tradeoff between these two security goals.

IEEE Xplore (Security & AI Journals)
privacy
Dec 10, 2025

This research proposes a Fairly Proportional Noise Mechanism (FPNM) to address a problem in differential privacy (DP, a technique that adds random noise to data to protect individual privacy while allowing statistical analysis). Traditional DP methods add noise uniformly without considering fairness, which can unfairly affect different groups of people differently, especially in decision-making and learning tasks. The new FPNM approach adjusts noise based on both its direction and size relative to the actual data values, reducing unfairness by about 17-19% in experiments while maintaining privacy protections.

IEEE Xplore (Security & AI Journals)
policy
Dec 10, 2025

OWASP has released a Top 10 list of security risks specifically for agentic AI applications, which are autonomous AI systems that can use tools and take actions on their own. This framework was built from real incidents and industry experience to help organizations secure these advanced AI systems as they become more common.

OWASP GenAI Security
policy
Dec 10, 2025

The OWASP GenAI Security Project (an open-source community focused on AI safety) has released a list of the top 10 security risks for agentic AI (AI systems that can take actions independently). This guidance was created with input from over 100 industry experts and is meant to help organizations understand and address threats to AI systems.

OWASP GenAI Security
NVD/CVE Database

Fix: Move copy_seccomp() to execute after the signal check in copy_process(), and add a WARN_ON_ONCE() in free_task() for future debugging. This ensures seccomp_filter_release() is called to decrement the filter's refcount in the failure path, preventing memory leaks.

NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
Dec 9, 2025

One-Time Passwords (OTPs, temporary codes used in two-factor authentication to verify your identity) like HOTP and TOTP have vulnerabilities that let attackers bypass security if they steal the secret key stored on a device or server. This paper proposes HP-OTP, a new OTP scheme that combines your password with the device's unique identifier to make it harder for attackers to forge codes even if they compromise either the device or server.

IEEE Xplore (Security & AI Journals)
research
Dec 9, 2025

Federated learning (a system where decentralized devices train a shared AI model together while keeping their data local) is vulnerable to poisoning attacks, where malicious participants inject false data to corrupt the final model. This paper proposes AdaptiveShield, a defense system that uses dynamic detection strategies to identify attackers, automatically adjusts its sensitivity thresholds to handle different attack types, reduces damage from missed attackers by adjusting hyperparameters (settings that control how the model learns), and hides user identities through a shuffling mechanism to protect privacy.

Fix: AdaptiveShield employs: (1) dynamic detection strategies that assess maliciousness and dynamically adjust detection thresholds to adapt to various attack scenarios; (2) dynamic hyperparameter adjustment to minimize negative impact from missed attackers and enhance robustness; and (3) a hierarchical shuffle mechanism to dissociate user identities from their uploaded local models, providing privacy protection.

IEEE Xplore (Security & AI Journals)
Dec 9, 2025

This paper proposes Verifiable Data Capsule (VDC), a method for secure data sharing in cloud computing where data owners encrypt their data and upload it with access policies to a cloud server, allowing only authorized users to process the data in a TEE (Trusted Execution Environment, a secure zone on a computer where data stays protected). The system addresses a problem with existing approaches: malicious servers could trick users by providing outdated or corrupted data, so the researchers designed a lightweight verification method called Locally Verifiable Chameleon Tag (LVCT) that lets users confirm data hasn't been tampered with or replaced.

IEEE Xplore (Security & AI Journals)
Dec 9, 2025

This academic paper proposes a new authentication scheme for vehicle-to-grid (V2G) systems, which allow electric vehicles to exchange power with electrical grids. The scheme uses conditional anonymous authentication (a method that hides vehicle identity while allowing identification of bad actors) with a multi-level architecture combining group signatures (cryptographic signatures that hide individual identity within a group) and proxy signatures (where one party can create signatures on behalf of another), making it more efficient than existing approaches.

IEEE Xplore (Security & AI Journals)
security
Dec 9, 2025

Advanced Persistent Threats (APTs, which are long-term targeted attacks by sophisticated adversaries) are becoming harder to detect early. This paper introduces Warning-Graph, a framework that uses threat intelligence modeling (analyzing data about known attack patterns and infrastructure) to identify ongoing APT attacks by examining IoCs (indicators of compromise, or digital clues that show an attack happened) without needing lots of labeled training data. The framework uses graph-based machine learning techniques to improve detection accuracy by 3-5 percentage points compared to existing methods.

IEEE Xplore (Security & AI Journals)
security
Dec 9, 2025

Deep learning attacks have successfully cracked CAPTCHAs (automated tests that distinguish humans from bots) that use large character sets, especially those with alphabets from languages like Chinese. This paper proposes ACG (Adversarial Large Character Set CAPTCHA Generation), a framework that makes CAPTCHAs harder to attack by adding adversarial perturbations (intentional distortions that confuse AI recognition systems) through two modules: one that prevents character recognition and another that adds global visual noise, reducing attack success rates from 51.52% to 2.56%.

Fix: The paper proposes ACG (Adversarial Large Character Set CAPTCHA Generation) as a defense framework. According to the source, ACG uses 'a Fine-grained Generation Module, combining three novel strategies to prevent attackers from recognizing characters, and an Ensemble Generation Module to generate global perturbations in CAPTCHAs' to strengthen defense against recognition attacks and improve robustness against diverse detection architectures.

IEEE Xplore (Security & AI Journals)
Dec 9, 2025

This research paper describes a method to improve emotion recognition using EEG (electroencephalography, a technology that measures electrical activity in the brain) by generating synthetic EEG data through a diffusion model (a type of AI that creates new data by gradually removing noise from random data). The proposed approach achieved up to 5.6% better accuracy in identifying emotions compared to traditional methods, helping address the problem of not having enough real EEG data for training these systems.

IEEE Xplore (Security & AI Journals)
security
Dec 9, 2025

AI systems are valuable for cybersecurity because they can detect patterns and anomalies in large amounts of data, but attackers can exploit these same AI capabilities to launch sophisticated attacks. Adversarial learning (using AI to trick or attack other AI systems) works in two ways: attackers use techniques like data poisoning (corrupting training data) and test time evasion (fooling a trained model with specially crafted inputs) to compromise security systems, while defenders use adversarial training (teaching AI to resist such attacks) to protect against these threats. The source identifies gaps in current research, including a lack of real-world attack data and limited evaluation of AI solutions for network traffic analysis.

IEEE Xplore (Security & AI Journals)
Dec 9, 2025

This research proposes an AI-based system that uses deep learning and reinforcement learning (RL, a machine learning approach where an AI learns by receiving rewards for good decisions) to detect disease markers in exhaled breath by analyzing volatile organic compounds (VOCs, small carbon-based chemicals produced by the body). The system is designed to work well even with small datasets and aims to improve early disease detection, particularly for chronic kidney disease, through a noninvasive and cost-effective diagnostic method.

IEEE Xplore (Security & AI Journals)
Dec 9, 2025

Spiking federated learning (FL, a distributed training method where multiple devices collaborate without sharing their private data) typically uses random selection to choose which devices contribute to the final model, but this ignores statistical heterogeneity (differences in data distribution across devices). This paper proposes SFedCA, a new strategy that assigns credits to devices based on their firing intensity (activity level in spiking neural networks, which use brain-inspired neurons that only activate when needed) before and after training, allowing better selection of devices whose data distributions match the overall model needs.

IEEE Xplore (Security & AI Journals)
safety
Dec 9, 2025

This research paper addresses generalized out-of-distribution detection (OOD detection, where an AI system identifies inputs that are very different from its training data), which is important for AI systems used in safety-critical applications. Rather than focusing on designing better scoring functions, the authors propose a new decision rule called the generalized Benjamini Hochberg procedure that uses hypothesis testing (a statistical method for making decisions about data) to determine whether an input is out-of-distribution, and they prove this method controls false positive rates better than traditional threshold-based approaches.

IEEE Xplore (Security & AI Journals)