The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
GitHub

SED: A Simple Encoder-Decoder for Open-Vocabulary Semantic Segmentation

We propose an encoder-decoder for open-vocabulary semantic segmentation comprising a hierarchical encoder-based cost map generation and a gradual fusion decoder. We introduce a category early ...
Tech Times

SVG Phishing Emails Bypass Email Security: SANS Flags New MIME-Type Evasion

SVG phishing email attacks are bypassing enterprise email security gateways by hiding JavaScript inside image files and ...
Dark Reading

DriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate Attacks

A sneaky IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones ...
The Hacker News

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.
IEEE

Privacy-Encoded Federated Learning Against Gradient-Based Data Reconstruction Attacks

Abstract: Federated learning (FL) enables multiple local clients to collaboratively train a global model, which can reduce privacy leakage by sharing model parameters instead of private datasets.
IEEE

An In-Depth Comparative Study of Quantum-Classical Encoding Methods for Network Intrusion Detection

Abstract: In today’s rapidly evolving cyber landscape, the growing sophistication of attacks, including the rise of zero-day exploits, poses critical challenges for network intrusion detection.
precisionmedicineonline

Encoded Therapeutics' Dravet Gene Therapy Data Suggest Sirolimus May Blunt Benefit

BOSTON – An experimental one-time gene therapy developed by Encoded Therapeutics reduced seizures and improved neurodevelopmental outcomes for children with Dravet syndrome, researchers reported ...