All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
Graph Neural Networks (GNNs, machine learning models that work with interconnected data) perform poorly at detecting anomalies in graphs because of high Class Homophily Variance (CHV), meaning some node types cluster together while others scatter. The researchers propose HEAug, a new GNN model that creates additional connections between nodes that are similar in features but not originally linked, and adjusts its training process to avoid generating unwanted connections.
Fix: The proposed mitigation is the HEAug (Homophily Edge Augment Graph Neural Network) model itself. According to the source, it works by: (1) sampling new homophily adjacency matrices (connection patterns) from scratch using self-attention mechanisms, (2) leveraging nodes that are relevant in feature space but not directly connected in the original graph, and (3) modifying the loss function to punish the generation of unnecessary heterophilic edges by the model.
IEEE Xplore (Security & AI Journals)A WordPress plugin called 'The Bread & Butter' has a security flaw called CSRF (cross-site request forgery, where an attacker tricks someone into performing an unwanted action on a website) in versions up to 7.10.1321. The flaw exists in the image upload function because it lacks proper nonce validation (a security token that verifies a request is legitimate), allowing attackers to upload malicious files that could lead to RCE (remote code execution, where an attacker runs commands on the website) if they can trick an admin into clicking a malicious link.
Anthropic Sandbox Runtime is a tool that restricts what processes can access on a computer's filesystem (file storage) and network without needing containers (isolated computing environments). Before version 0.0.16, a bug prevented the network sandbox from working correctly when no allowed domains were specified, which could let code inside the sandbox make network requests it shouldn't be able to make.
Version 0.14.10 of llama-index-core added a mock function calling LLM (a simulated language model that can pretend to execute functions), while related packages fixed typos and added new integrations like Airweave tool support for advanced search capabilities. This is a routine software release with feature additions and bug fixes.
NVIDIA Triton Server for Linux has a vulnerability where attackers can bypass input validation (improper validation of specified quantity in input) by sending malformed data. This flaw could allow an attacker to cause a denial of service attack (making a system unavailable to legitimate users).
NVIDIA Triton Inference Server has a vulnerability (CVE-2025-33201) where an attacker can send extremely large data payloads to bypass safety checks, potentially crashing the service and making it unavailable to legitimate users (a denial of service attack). The vulnerability stems from improper validation of unusual or exceptional input conditions.
MCP Server Kubernetes (a tool that lets software manage Kubernetes clusters, which are systems for running containerized applications) has a vulnerability in versions before 2.9.8 where the exec_in_pod tool accepts user commands without checking them first. When commands are provided as strings, they go directly to shell interpretation (sh -c, a command processor) without validation, allowing attackers to inject malicious shell commands either directly or through prompt injection (tricking an AI into running hidden instructions in its input).
Claude Code is an agentic coding tool (software that can write and run code automatically) that had a vulnerability before version 1.0.93 where errors in parsing shell commands (instructions to a computer's operating system) allowed attackers to bypass read-only protections and execute arbitrary code if they could add untrusted content to the tool's input. This vulnerability (command injection, or tricking the tool into running unintended commands) had a CVSS score (0-10 severity rating) of 8.7, marking it as high-risk.
A WordPress plugin called 'Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI' has a time-based SQL injection vulnerability (a security flaw where attackers can insert malicious database commands through user input) in its "getTermsForAjax" function in versions up to 3.40.1. Authenticated users with contributor-level access or higher can exploit this flaw to extract sensitive information from the website's database because the plugin doesn't properly validate user input before using it in database queries.
A WordPress plugin called AI Autotagger with OpenAI has a security flaw in versions up to 3.40.1 where it fails to properly check if users have permission to perform certain actions. This authorization bypass (a failure to verify that someone is allowed to do something) allows authenticated attackers with basic subscriber-level access to merge or delete taxonomy terms (categories and tags used to organize content) that they shouldn't be able to modify.
LlamaIndex released version 0.14.9 with updates across multiple components, including bug fixes for vector stores (systems that store converted data in a format AI models can search), support for new AI models like Claude Opus 4.5 and GPT-5.1, and improvements to integrations with services like Azure, Bedrock, and Qdrant. The release addresses issues with memory management, async operations (non-blocking code that runs in parallel), and various database connectors.
The AI industry is gradually accepting LLM (large language model) outputs as reliable without questioning them, similar to how NASA ignored warning signs before the Challenger disaster. This 'normalization of deviance' (accepting behavior that deviates from proper standards as normal) is particularly risky in agentic systems (AI systems that can take independent actions without human approval at each step), where unchecked LLM decisions could cause serious problems.
Fix: A patch was released in v0.0.16 that fixes this issue.
NVD/CVE DatabaseThis paper presents MAD-ODE, a method for detecting anomalies (unusual behavior) in multivariate time series data (multiple measurements changing over time) from IoT (Internet of Things) devices using Graph Neural Networks (GNNs, which are AI models that process data organized as connected nodes and relationships). The method combines two types of graph structures—one built from prior knowledge about sensor relationships and one learned automatically—along with a special type of neural network that can capture long-range patterns in data over time.
This academic paper proposes WTAC (weighted threshold anonymous credentials with redactable fine-grained blind signature), a new privacy system designed for blockchain platforms that need to balance user anonymity with regulatory oversight. The system uses advanced cryptographic techniques (like functional encryption and secret-sharing) to let credential issuers verify certain information about users without seeing their actual data, while keeping the issuer's identity hidden from both users and verifiers. The researchers demonstrate how their system could work in a privacy-preserving lending platform on blockchains and claim their approach is both secure and efficient.
This research proposes a method for AI systems to learn and understand the unique decision-making patterns of individual human operators in cyber defense roles, such as their risk tolerance and curiosity levels. Rather than trying to copy what operators do, the approach uses a kernel-based inverse learning framework (a mathematical technique to infer hidden traits from observed behavior) to build personalized models that can provide better guidance and support. The method was tested with 108 participants and showed it can accurately predict individual decision-making styles even with limited data, helping AI assistants adapt their support to different operators while maintaining mission safety.
Fix: Update to version 2.9.8, where this vulnerability is fixed.
NVD/CVE DatabaseFix: Update Claude Code to version 1.0.93 or later, where this vulnerability is fixed.
NVD/CVE DatabaseFix: A patch is available. According to the source, users should update to the version fixed in the GitHub commit referenced at https://github.com/TaxoPress/TaxoPress/commit/5eb2cee861ebd109152eea968aca0259c078c8b0.
NVD/CVE DatabaseSmart grids (power distribution systems that communicate usage data electronically) currently use classical public-key cryptosystems (encryption methods based on mathematical problems that are hard to solve) to protect power consumption information, but quantum computing threatens to break these systems. This paper proposes QC-EAM, a new security model using quantum encryption and quantum Fourier transformation (a quantum algorithm for processing data) to protect smart grid communications, tested on IBM's quantum computing platform.
This research proposes CTCV, a framework to verify that data stored on edge nodes (computers positioned between users and distant servers for faster access) hasn't been corrupted or tampered with. The framework uses blockchain (a distributed ledger technology) to let edge nodes check each other's data integrity without relying on a single trusted auditor, while preventing collusion attacks (where multiple nodes work together to hide data corruption) through careful verification methods and time limits on response times.
Researchers discovered a serious weakness in tools designed to detect third-party libraries (external code that apps use) in Android applications. They created LibPass, an attack method that generates tricked versions of apps that can fool these detection tools into missing dangerous or non-compliant libraries, with success rates reaching up to 99%. The study reveals that current detection tools are not robust enough to withstand intentional attacks, which puts users at risk since unsafe libraries could hide inside apps.
Advanced web bots like OpenWPM (a browser automation tool) can hide their identity and mimic human behavior, making them hard to detect and potentially enabling fraud or data theft. Researchers developed a detection system that analyzes four types of browsing behaviors (mouse movement, clicks, keystrokes, and scrolling) using machine learning classification models to identify these stealthy bots with 98.8% accuracy.
This research presents HIMT-NAS, an improved method for neural architecture search (NAS, the process of automatically designing neural network structures) that handles multiple tasks at once. The new approach tracks historical information about previous network designs across generations to reduce wasted search effort and adjusts how knowledge is shared between different tasks based on their similarity, addressing problems in existing multitask NAS methods.