Tootfinder

Just discovered a new RAT at #hacklu and it seems the name can confuse a lot of french-speaking persons.
RATatouille
Not sure it''s a good idea for the SEO of the RAT author. ;-)
🔗 http…

RATatouille: A Malicious Recipe Hidden in rand-user-agent (Supply Chain Compromise)
RATatouille: A Malicious Recipe Hidden in rand-user-agent (Supply Chain Compromise)

MoEcho: Exploiting Side-Channel Attacks to Compromise User Privacy in Mixture-of-Experts LLMs
Ruyi Ding, Tianhong Xu, Xinyi Shen, Aidong Adam Ding, Yunsi Fei
https://arxiv.org/abs/2508.15036

MoEcho: Exploiting Side-Channel Attacks to Compromise User Privacy in Mixture-of-Experts LLMs
The transformer architecture has become a cornerstone of modern AI, fueling remarkable progress across applications in natural language processing, computer vision, and multimodal learning. As these models continue to scale explosively for performance, implementation efficiency remains a critical challenge. Mixture of Experts (MoE) architectures, selectively activating specialized subnetworks (experts), offer a unique balance between model accuracy and computational cost. However, the adaptive …

On the Compromise Between Performance and Efficiency in RIS-aided Communication Systems
P. H. C. de Souza (National Institute of Telecommunications - Inatel), M. Khazaee (National Institute of Telecommunications - Inatel), L. L. Mendes (National Institute of Telecommunications - Inatel)
https://arxiv.org/abs/2508.15599

On the Compromise Between Performance and Efficiency in RIS-aided Communication Systems
The reconfigurable intelligent surface (RIS) technology for metasurfaces is ushering in a new paradigm for wireless communication systems. It provides an accessible way for controlling the interaction between electromagnetic waves with the propagation medium. One particularly important aspect is the configuration of the RIS elements or reflectors. Simply stated, the objective of the RIS configuration is to choose the optimum phase-shift combination that maximizes the channel capacity. Recently,…

3/3 This pattern is particularly tough when the reasons you’re bored with what you have to do are out of your control.
We can’t always choose to only do work that’s fun, or only do it in fun ways.
We might have to compromise with others or be handed down tasks that we hate but have to do to make money and live.
And then add to that having a condition like #ADHD which makes people like me bored on a chronic basis, sometimes for no reason at all.
It’s like a built-in sabotage switch in my brain.
I don’t know what to do about it.

LGMSNet: Thinning a medical image segmentation model via dual-level multiscale fusion
Chengqi Dong, Fenghe Tang, Rongge Mao, Xinpei Gao, S. Kevin Zhou
https://arxiv.org/abs/2508.15476

LGMSNet: Thinning a medical image segmentation model via dual-level multiscale fusion
Medical image segmentation plays a pivotal role in disease diagnosis and treatment planning, particularly in resource-constrained clinical settings where lightweight and generalizable models are urgently needed. However, existing lightweight models often compromise performance for efficiency and rarely adopt computationally expensive attention mechanisms, severely restricting their global contextual perception capabilities. Additionally, current architectures neglect the channel redundancy issu…

Medical priority fusion: achieving dual optimization of sensitivity and interpretability in nipt anomaly detection
Xiuqi Ge, Zhibo Yao, Yaosong Du
https://arxiv.org/abs/2509.17924

Medical priority fusion: achieving dual optimization of sensitivity and interpretability in nipt anomaly detection
Clinical machine learning faces a critical dilemma in high-stakes medical applications: algorithms achieving optimal diagnostic performance typically sacrifice the interpretability essential for physician decision-making, while interpretable methods compromise sensitivity in complex scenarios. This paradox becomes particularly acute in non-invasive prenatal testing (NIPT), where missed chromosomal abnormalities carry profound clinical consequences yet regulatory frameworks mandate explainable A…

Another airline hit by a criminal extortion group, this time Clop.
Regional airline Envoy Air confirms Oracle E-Business Suite compromise
https://therecord.media/regional-airline-envoy-oracle

Regional airline Envoy Air confirms Oracle E-Business Suite compromise
The regional American airline Envoy Air confirmed that its IT system was impacted by a recent hacking campaign targeting Oracle E-Business Suite.

Hands-on with Boba 3, Meta's prototype PC VR headset with a form factor similar to the Quest 3, featuring an ultrawide field of view of 180° by 120° (David Heaney/UploadVR)
https://www.uploadvr.com/meta-boba-3-prototype-hands-on-ultra-…

Meta Boba 3 Prototype Hands-On: Ultra-Wide Field Of View Without Compromise
We went hands-on with Boba 3, Meta's practical ultra-wide field of view prototype headset, and it has us more optimistic than ever about the future of VR.

Hierarchical Retrieval: The Geometry and a Pretrain-Finetune Recipe
Chong You, Rajesh Jayaram, Ananda Theertha Suresh, Robin Nittka, Felix Yu, Sanjiv Kumar
https://arxiv.org/abs/2509.16411

Hierarchical Retrieval: The Geometry and a Pretrain-Finetune Recipe
Dual encoder (DE) models, where a pair of matching query and document are embedded into similar vector representations, are widely used in information retrieval due to their simplicity and scalability. However, the Euclidean geometry of the embedding space limits the expressive power of DEs, which may compromise their quality. This paper investigates such limitations in the context of hierarchical retrieval (HR), where the document set has a hierarchical structure and the matching documents for…

Over 1,200 arrested in Africa-wide cybercrime crackdown, Interpol says https://therecord.media/africa-interpol-cybercrime-crackdown

"While preparing for my Black Hat and DEF CON talks in July of this year, I found the most impactful #EntraID #vulnerability that I will probably ever find. This vulnerability could have allowed me to compromise every Entra ID tenant in the world (except probably those in national cloud deploymen…

Agent's Take: A unique compromise that could end the Commanders-Terry McLaurin contract dispute

https://www.cbssports.com/nfl/news/agents-

Clapper allegedly pushed to 'compromise' 'normal' steps to rush 2017 ICA, despite concerns from NSA director (Brooke Singman/Fox News)
https://www.foxnews.com/politics/clapper-pushed-compromise-normal-steps-rush-2017-ica-despite-concerns-from-nsa-director
http://www.memeorandum.com/250813/p91#a250813p91

Future-Proofing Cloud Security Against Quantum Attacks: Risk, Transition, and Mitigation Strategies
Yaser Baseri, Abdelhakim Hafid, Arash Habibi Lashkari
https://arxiv.org/abs/2509.15653

Future-Proofing Cloud Security Against Quantum Attacks: Risk, Transition, and Mitigation Strategies
Quantum Computing (QC) introduces a transformative threat to digital security, with the potential to compromise widely deployed classical cryptographic systems. This survey offers a comprehensive and systematic examination of quantumsafe security for Cloud Computing (CC), focusing on the vulnerabilities, transition strategies, and mitigation mechanisms required to secure cloud infrastructures in the quantum era. We evaluated the landscape of quantum threats across the entire CC stack, demonstra…

An Open-Source HW-SW Co-Development Framework Enabling Efficient Multi-Accelerator Systems
Ryan Albert Antonio, Joren Dumoulin, Xiaoling Yi, Josse Van Delm, Yunhao Deng, Guilherme Paim, Marian Verhelst
https://arxiv.org/abs/2508.14582

An Open-Source HW-SW Co-Development Framework Enabling Efficient Multi-Accelerator Systems
Heterogeneous accelerator-centric compute clusters are emerging as efficient solutions for diverse AI workloads. However, current integration strategies often compromise data movement efficiency and encounter compatibility issues in hardware and software. This prevents a unified approach that balances performance and ease of use. To this end, we present SNAX, an open-source integrated HW-SW framework enabling efficient multi-accelerator platforms through a novel hybrid-coupling scheme, consisti…

WELL.
We have a newly installed @… version on an old #EndoOf10 laptop.
All user files have been moved across (will require some organisation still, and that alone will be a shock to a GenZ used to just dumping stuff on the cloud - honestly the desktop looked like my parents... 😱 ).
Most important programs are there (I had to explain difference between program and app along the way too).
And overall it's been a pretty positive learning experience for both of us. I have had to compromise on a few things and teenager has a few programs installed that I'd rather not - but let's see this as a gateway out of #BigTech if at all possible...
There will be a few more follow up points I suspect but thanks all for your friendly encouragement and helpful hints so far
#MastodonRocks
15/n

Interesting,
"One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens"
https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/

I'll gonna take some time today to personalize the message and send out emails from my own account to hopefully ditch filtering on the target side and make my voice heard. Allowing chat control does not only put privacy and democracy in danger. At times of constant digital attacks from rogue states like Russia, the US, North Korea and China etc. it should be obvious that having weak encryption and standard backdoor access to secure communications channels is an invitation for any malici…

Fight Chat Control (@chatcontrol@mastodon.social)
Angehängt: 1 Bild Germany's position has been reverted to UNDECIDED. Despite expressing concerns about breaking end-to-end encryption, Germany refrained from taking a definitive stance on the Chat Control proposal during the September 12th LEWP meeting. A willingness to negotiate and compromise remains. This is an unfortunate development as Germany is crucial to defeating Chat Control. Please make your voices heard! https://fightchatcontrol.eu/ Source: https://netzpolitik.org/2025/chatko…

Replaced article(s) found for cond-mat.mes-hall. https://arxiv.org/list/cond-mat.mes-hall/new
[1/1]:
- Compromise-Free Scaling of Qubit Speed and Coherence
Miguel J. Carballido, et al.

Two Sides to Every Story: Exploring Hybrid Design Teams' Perceptions of Psychological Safety on Slack
Marjan Naghshbandi, Sharon Ferguson, Alison Olechowski
https://arxiv.org/abs/2508.11788

Two Sides to Every Story: Exploring Hybrid Design Teams' Perceptions of Psychological Safety on Slack
While the unique challenges of hybrid work can compromise collaboration and team dynamics, hybrid teams can thrive with well-informed strategies and tools that nurture interpersonal engagements. To inform future supports, we pursue a mixed-methods study of hybrid engineering design capstone teams' Psychological Safety (PS) (i.e., their climate of interpersonal risk-taking and mutual respect) to understand how the construct manifests in teams engaged in innovation. Using interviews, we study six…

RulER: Automated Rule-Based Semantic Error Localization and Repair for Code Translation
Shuo Jin, Songqiang Chen, Xiaoyuan Xie, Shing-Chi Cheung
https://arxiv.org/abs/2509.14829

RulER: Automated Rule-Based Semantic Error Localization and Repair for Code Translation
Automated code translation aims to convert programs between different programming languages while maintaining their functionality. Due to the imperfections of code translation models, the generated translations may contain errors that compromise their reliability. Existing automated debugging methods for code translation rely on code alignments and repair patch templates to locate and fix erroneous translations. However, existing methods lack reliable references to construct code alignments and…

French Prime Minister
Sébastien Lecornu has spoken to reporters,
about an hour after announcing his resignation.
“I was ready to compromise,
but each political party wanted the other political party to adopt its entire program,”
he said from the courtyard of Matignon Palace, the prime minister’s headquarters

European "socialism" is a compromise wherein the population gets services and, in exchange, the rich are allowed to continue to exist. This compromise developed to save capitalism from the threat of the working class just rising up and just doing it all themselves. Revolutions, it turns out, can be dangerous and may be subverted. It's generally safer, so Europe's working class decided, to accept some exploitation in exchange for not taking that chance.
The the strategy of "point guns at everyone until they comply" was a sustainable strategy, all of Europe would still be absolute monarchies, feudalism would still be the dominant economic system globally, and England would still control most of the land on Earth. Recognizing that this *isn't* the state of the world should give some clues as to how well Yarvin's ideas continue will play out in the real world.
#USPol

Study: 63% of Consumers Have a More Positive Perception of Brands That Use Sustainable Packaging https://vegconomist.com/packaging/study-consumers-associate-sustainable-packaging-positive-brand-perception/

Study: 63% of Consumers Have a More Positive Perception of Brands That Use Sustainable Packaging - vegconomist - the vegan business magazine
A new study by global management consultancy Simon-Kucher has concluded that consumers expect sustainable packaging, but are not willing to compromise on

Hackers reportedly compromise Canadian House of Commons through Microsoft vulnerability https://therecord.media/hackers-compromise-canada-house-of-commons

Mike Johnson raises fresh doubts about an Obamacare compromise (Meredith Lee Hill/Politico)
https://www.politico.com/live-updates/2025/10/10/congress/mike-johnson-raises-fresh-doubts-about-an-obamacare-compromise-00601984
http://www.memeorandum.com/251010/p141#a251010p141

FedUP: Efficient Pruning-based Federated Unlearning for Model Poisoning Attacks
Nicol\`o Romandini, Cristian Borcea, Rebecca Montanari, Luca Foschini
https://arxiv.org/abs/2508.13853

FedUP: Efficient Pruning-based Federated Unlearning for Model Poisoning Attacks
Federated Learning (FL) can be vulnerable to attacks, such as model poisoning, where adversaries send malicious local weights to compromise the global model. Federated Unlearning (FU) is emerging as a solution to address such vulnerabilities by selectively removing the influence of detected malicious contributors on the global model without complete retraining. However, unlike typical FU scenarios where clients are trusted and cooperative, applying FU with malicious and possibly colluding clien…

InfiniteTalk: Audio-driven Video Generation for Sparse-Frame Video Dubbing
Shaoshu Yang, Zhe Kong, Feng Gao, Meng Cheng, Xiangyu Liu, Yong Zhang, Zhuoliang Kang, Wenhan Luo, Xunliang Cai, Ran He, Xiaoming Wei
https://arxiv.org/abs/2508.14033

InfiniteTalk: Audio-driven Video Generation for Sparse-Frame Video Dubbing
Recent breakthroughs in video AIGC have ushered in a transformative era for audio-driven human animation. However, conventional video dubbing techniques remain constrained to mouth region editing, resulting in discordant facial expressions and body gestures that compromise viewer immersion. To overcome this limitation, we introduce sparse-frame video dubbing, a novel paradigm that strategically preserves reference keyframes to maintain identity, iconic gestures, and camera trajectories while en…

The LLM Already Knows: Estimating LLM-Perceived Question Difficulty via Hidden Representations
Yubo Zhu, Dongrui Liu, Zecheng Lin, Wei Tong, Sheng Zhong, Jing Shao
https://arxiv.org/abs/2509.12886

The LLM Already Knows: Estimating LLM-Perceived Question Difficulty via Hidden Representations
Estimating the difficulty of input questions as perceived by large language models (LLMs) is essential for accurate performance evaluation and adaptive inference. Existing methods typically rely on repeated response sampling, auxiliary models, or fine-tuning the target model itself, which may incur substantial computational costs or compromise generality. In this paper, we propose a novel approach for difficulty estimation that leverages only the hidden representations produced by the target LL…

Finite-time consensus in a compromise process
P. L. Krapivsky, A. Yu. Plakhov
https://arxiv.org/abs/2509.01024 https://arxiv.org/pdf/2509.01024

Finite-time consensus in a compromise process
A compromise process describes the evolution of opinions through binary interactions. Opinions are real numbers, and in each step, two randomly selected agents reach a compromise, namely, they acquire the average of their pre-interaction opinions. We prove that if the number $N$ of agents is a power of two, the consensus emerges after a finite number of compromise events with probability one; otherwise, the consensus cannot be reached in a finite number of steps (if initial opinions are in a ge…

"Yes, years of compromise and disappointment have added depth to my acting."
-Rufus Sewell
#acting #coaching #inspiration

PerchMobi^3: A Multi-Modal Robot with Power-Reuse Quad-Fan Mechanism for Air-Ground-Wall Locomotion
Yikai Chen, Zhi Zheng, Jin Wang, Bingye He, Xiangyu Xu, Jialu Zhang, Huan Yu, Guodong Lu
https://arxiv.org/abs/2509.12620

PerchMobi^3: A Multi-Modal Robot with Power-Reuse Quad-Fan Mechanism for Air-Ground-Wall Locomotion
Achieving seamless integration of aerial flight, ground driving, and wall climbing within a single robotic platform remains a major challenge, as existing designs often rely on additional adhesion actuators that increase complexity, reduce efficiency, and compromise reliability. To address these limitations, we present PerchMobi^3, a quad-fan, negative-pressure, air-ground-wall robot that implements a propulsion-adhesion power-reuse mechanism. By repurposing four ducted fans to simultaneously p…

Citation accuracy, citation noise, and citation bias: A foundation of citation analysis
Lutz Bornmann, Christian Leibel
https://arxiv.org/abs/2508.12735 https://

Citation accuracy, citation noise, and citation bias: A foundation of citation analysis
Citation analysis is widely used in research evaluation to assess the impact of scientific papers. These analyses rest on the assumption that citation decisions by authors are accurate, representing flow of knowledge from cited to citing papers. However, in practice, researchers often cite for reasons other than attributing intellectual credit to previous research. Citations made for rhetorical reasons or without reading the cited work compromise the value of citations as instrument for researc…

Vulnerable Agent Identification in Large-Scale Multi-Agent Reinforcement Learning
Simin Li, Zheng Yuwei, Zihao Mao, Linhao Wang, Ruixiao Xu, Chengdong Ma, Xin Yu, Yuqing Ma, Qi Dou, Xin Wang, Jie Luo, Bo An, Yaodong Yang, Weifeng Lv, Xianglong Liu
https://arxiv.org/abs/2509.15103

Vulnerable Agent Identification in Large-Scale Multi-Agent Reinforcement Learning
Partial agent failure becomes inevitable when systems scale up, making it crucial to identify the subset of agents whose compromise would most severely degrade overall performance. In this paper, we study this Vulnerable Agent Identification (VAI) problem in large-scale multi-agent reinforcement learning (MARL). We frame VAI as a Hierarchical Adversarial Decentralized Mean Field Control (HAD-MFC), where the upper level involves an NP-hard combinatorial task of selecting the most vulnerable agen…

'Ukraine will never be forced into compromise. We need a just peace' — Zelensky's Independence Day address: https://benborges.xyz/2025/08/24/ukraine-will-never-be-forced.html

Smart that Zelensky quickly visits Trump. If i was Ukraine i would make the compromise of giving up NATO memberschip but be allowed to quickly join the EU. With the current developments, the guarantuees in the EU treaty around security, NATO membership is not that crucial.
#geopolitics #ukraine

My take on the trend toward 90 credit Bachelor degrees in US higher education, and a few thoughts about the benefits and drawbacks, and about the compromise solution of the Distance Education Accrediting Commission for 3-year programs.
This started out as my response to DEAC's request for comments on their proposal, and I realized I was three fourths of the way to a short essay, so I went ahead and finished it.

Pruning Long Chain-of-Thought of Large Reasoning Models via Small-Scale Preference Optimization
Bin Hong, Jiayu Liu, Zhenya Huang, Kai Zhang, Mengdi Zhang
https://arxiv.org/abs/2508.10164

Pruning Long Chain-of-Thought of Large Reasoning Models via Small-Scale Preference Optimization
Recent advances in Large Reasoning Models (LRMs) have demonstrated strong performance on complex tasks through long Chain-of-Thought (CoT) reasoning. However, their lengthy outputs increase computational costs and may lead to overthinking, raising challenges in balancing reasoning effectiveness and efficiency. Current methods for efficient reasoning often compromise reasoning quality or require extensive resources. This paper investigates efficient methods to reduce the generation length of LRM…

SF Supervisor Matt Dorsey was one of 15 BCDC Commissioners who voted to take away weekday access to the Richmond-San Rafael Bridge bike path.
Dorsey said cyclists need to learn to compromise more. So much for his bragging about using bikeshare 🚮
https://richmond…

Richmond bridge bike lane access to be reduced starting this fall
The change to Thursday afternoons through Sundays, starting in October, lets transportation officials test the impact on traffic congestion.

Weekend Reads
* Cloud flow logs for security
https://www.sei.cmu.edu/blog/enhancing-security-with-cloud-flow-logs/
* Supply chain compromises retrospective

Enhancing Security with Cloud Flow Logs
The SEI has a history of support for flow log analysis, including its 2025 releases (for Azure or AWS) of open-source scripts to facilitate cloud flow log analysis. This blog explores challenges with correlating events across multiple CSPs.

Nikhil Banerjee - "Raga Komala Rishab Asawari / Raga Maluha Kalyan, Raga Mishra Gara" (1966)
"I do not compromise with anybody or anything else in the world. I do not care, I don’t care if anybody appreciates it or not; I don’t care. .... I want to really go beyond this materialistic world towards Space — there, no compromise. .... A musician must lift up the souls of the listeners, and take them towards Space.” - N.B.

LazyDrag: Enabling Stable Drag-Based Editing on Multi-Modal Diffusion Transformers via Explicit Correspondence
Zixin Yin, Xili Dai, Duomin Wang, Xianfang Zeng, Lionel M. Ni, Gang Yu, Heung-Yeung Shum
https://arxiv.org/abs/2509.12203

LazyDrag: Enabling Stable Drag-Based Editing on Multi-Modal Diffusion Transformers via Explicit Correspondence
The reliance on implicit point matching via attention has become a core bottleneck in drag-based editing, resulting in a fundamental compromise on weakened inversion strength and costly test-time optimization (TTO). This compromise severely limits the generative capabilities of diffusion models, suppressing high-fidelity inpainting and text-guided creation. In this paper, we introduce LazyDrag, the first drag-based image editing method for Multi-Modal Diffusion Transformers, which directly elim…

A Risk Manager for Intrusion Tolerant Systems: Enhancing HAL 9000 with New Scoring and Data Sources
Tadeu Freitas, Carlos Novo, In\^es Dutra, Jo\~ao Soares, Manuel Correia, Benham Shariati, Rolando Martins
https://arxiv.org/abs/2508.13364

A Risk Manager for Intrusion Tolerant Systems: Enhancing HAL 9000 with New Scoring and Data Sources
Intrusion Tolerant Systems (ITSs) have become increasingly critical due to the rise of multi-domain adversaries exploiting diverse attack surfaces. ITS architectures aim to tolerate intrusions, ensuring system compromise is prevented or mitigated even with adversary presence. Existing ITS solutions often employ Risk Managers leveraging public security intelligence to adjust system defenses dynamically against emerging threats. However, these approaches rely heavily on databases like NVD and Exp…

No such thing as a quiet weekend in cybersecurity, so check out today's Metacurity for the infosec developments you might have missed since Friday, including
--Scattered LAPSUS$ Hunters claims theft of 1 billion Salesforce records,
--Game engine developer Unity urges users to patch a severe flaw,
--Hackers stole some Discord user data after a third-party compromise,
--US immigration dramatically expands its spying ability,
--Asahi reverts to pen and paper to …

"Scattered LAPSUS$ Hunters" claims theft of 1 billion Salesforce records
Game engine developer Unity urges users to patch severe flaw, Hackers stole some Discord user data after a third-party compromise, US immigration dramatically expands its spying ability, Asahi reverts to pen and paper to process orders, Oz's NSW gov't reveals breach in homes program, much more

A Non-Intrusive Framework for Deferred Integration of Cloud Patterns in Energy-Efficient Data-Sharing Pipelines
Sepideh Masoudi, Mark Edward Michael Daly, Jannis Kiesel, Stefan Tai
https://arxiv.org/abs/2510.12354

A Non-Intrusive Framework for Deferred Integration of Cloud Patterns in Energy-Efficient Data-Sharing Pipelines
As data mesh architectures gain traction in federated environments, organizations are increasingly building consumer-specific data-sharing pipelines using modular, cloud-native transformation services. Prior work has shown that structuring these pipelines with reusable transformation stages enhances both scalability and energy efficiency. However, integrating traditional cloud design patterns into such pipelines poses a challenge: predefining and embedding patterns can compromise modularity, re…

Sync-in · The open-source platform that keeps your data safe
Sync-in is your open-source platform to store, share, collaborate, and sync your files. Manage your data, freely, privately and with no compromise.
📑 https://sync-in.com
:mastodon: @…

Sync-in
The secure, open-source platform for file storage, sharing, collaboration, and syncing.

Regional airline Envoy Air confirms Oracle E-Business Suite compromise https://therecord.media/regional-airline-envoy-oracle

MemorySim: An RTL-level, timing accurate simulator model for the Chisel ecosystem
Ansh Chaurasia
https://arxiv.org/abs/2508.12636 https://arxiv.org/pdf/250…

MemorySim: An RTL-level, timing accurate simulator model for the Chisel ecosystem
The rapid growth of AI applications has driven increased demand for specialized AI hardware, highlighting critical opportunities within the memory subsystem, which often serves as a performance bottleneck in high-demand workloads such as large language models (LLMs). Existing high-level memory simulators, such as DRAMSim2 and DRAMSim3, offer timing simulations but frequently compromise on correctness or integration at the register-transfer level (RTL). We present MemorySim, an RTL-level memory …

Routinely ignoring Dependabot requests pays off again, probably.
https://cyberplace.social/@GossiTheDog/115169390397282254

Robust Recovery and Control of Cyber-physical Discrete Event Systems under Actuator Attacks
Samuel Oliveira, Mostafa Tavakkoli Anbarani, Gregory Beal, Ilya Kovalenko, Marcelo Teixeira, Andr\'e B. Leal, R\^omulo Meira-G\'oes
https://arxiv.org/abs/2510.11405

Robust Recovery and Control of Cyber-physical Discrete Event Systems under Actuator Attacks
Critical real-world applications strongly rely on Cyber-physical systems (CPS), but their dependence on communication networks introduces significant security risks, as attackers can exploit vulnerabilities to compromise their integrity and availability. This work explores the topic of cybersecurity in the context of CPS modeled as discrete event systems (DES), focusing on recovery strategies following the detection of cyberattacks. Specifically, we address actuator enablement attacks and propo…

Prompt Attacks Against LLM-Powered Assistants in Production Are Practical and Dangerous
#security #llm
https://arxiv.org/abs/2508.12175

Design and analysis of a set of discrete variable protocols for secure quantum communication
Arindam Dutta
https://arxiv.org/abs/2508.06380 https://arxiv.o…

Design and analysis of a set of discrete variable protocols for secure quantum communication
The advent of quantum key distribution (QKD) has revolutionized secure communication by providing unconditional security, unlike classical cryptographic methods. However, its effectiveness relies on robust identity authentication, as vulnerabilities in the authentication process can cause a compromise with the security of the entire communication system. Over the past three decades, numerous quantum identity authentication (QIA) protocols have been proposed. This thesis first presents a chronol…

A K-adaptability Approach to Proton Radiation Therapy Robust Treatment Planning
Zihang Qiu, Ali Ajdari, Mislav Bobi\'c, Thomas Bortfeld, Dick den Hertog, Jannis Kurtz, Hoyeon Lee
https://arxiv.org/abs/2508.07368

A K-adaptability Approach to Proton Radiation Therapy Robust Treatment Planning
Uncertainties such as setup and range errors can significantly compromise proton therapy. A discrete uncertainty set is often constructed to represent different uncertainty scenarios. A min-max robust optimization approach is then utilized to optimize the worst-case performance of a radiation therapy plan against the uncertainty set. However, the min-max approach can be too conservative as a single plan has to account for the entire uncertainty set. K-adaptability is a novel approach to robust …

Involuntary Jailbreak
Yangyang Guo, Yangyan Li, Mohan Kankanhalli
https://arxiv.org/abs/2508.13246 https://arxiv.org/pdf/2508.13246

Involuntary Jailbreak
In this study, we disclose a worrying new vulnerability in Large Language Models (LLMs), which we term \textbf{involuntary jailbreak}. Unlike existing jailbreak attacks, this weakness is distinct in that it does not involve a specific attack objective, such as generating instructions for \textit{building a bomb}. Prior attack methods predominantly target localized components of the LLM guardrail. In contrast, involuntary jailbreaks may potentially compromise the entire guardrail structure, whic…

Ensembling Large Language Models for Code Vulnerability Detection: An Empirical Evaluation
Zhihong Sun, Jia Li, Yao Wan, Chuanyi Li, Hongyu Zhang, Zhi jin, Ge Li, Hong Liu, Chen Lyu, Songlin Hu
https://arxiv.org/abs/2509.12629

Ensembling Large Language Models for Code Vulnerability Detection: An Empirical Evaluation
Code vulnerability detection is crucial for ensuring the security and reliability of modern software systems. Recently, Large Language Models (LLMs) have shown promising capabilities in this domain. However, notable discrepancies in detection results often arise when analyzing identical code segments across different training stages of the same model or among architecturally distinct LLMs. While such inconsistencies may compromise detection stability, they also highlight a key opportunity: the …

"Malaysia’s turtle egg buyback scheme saved thousands — but is it sustainable?"
#Malaysia #Turtles #Animals

Malaysia’s turtle egg buyback scheme saved thousands — but is it sustainable?
On the moonlit beaches of Terengganu state, on Malaysia’s east coast, green sea turtles have been returning for generations to lay their eggs. For just as long, people have collected, sold and eaten the eggs as a delicacy, supporting coastal livelihoods but stressing turtle populations. As a conservation compromise to balance livelihoods and turtle protection, […]

The Senate on Thursday night approved its $925 billion version of the
National Defense Authorization Act,
the annual must-pass Pentagon policy blueprint,
setting up what is expected to be a lengthy negotiation with the House to finalize the bill.

The legislation, deadlocked for weeks over various partisan disagreements,
advanced by a margin of 77 to 20 following amendment votes earlier in the evening.

Senate and House staff will next reconcile their bills…

Senate passes $925 billion defense bill, setting up House talks
Staff from both chambers must now negotiate final, compromise legislation ahead of a vote expected later this fall.

GS-Verse: Mesh-based Gaussian Splatting for Physics-aware Interaction in Virtual Reality
Anastasiya Pechko, Piotr Borycki, Joanna Waczy\'nska, Daniel Barczyk, Agata Szyma\'nska, S{\l}awomir Tadeja, Przemys{\l}aw Spurek
https://arxiv.org/abs/2510.11878

GS-Verse: Mesh-based Gaussian Splatting for Physics-aware Interaction in Virtual Reality
As the demand for immersive 3D content grows, the need for intuitive and efficient interaction methods becomes paramount. Current techniques for physically manipulating 3D content within Virtual Reality (VR) often face significant limitations, including reliance on engineering-intensive processes and simplified geometric representations, such as tetrahedral cages, which can compromise visual fidelity and physical accuracy. In this paper, we introduce \our{} (\textbf{G}aussian \textbf{S}platting…

The revolting, media-assisted tax on the mathematically-challenged rears its ugly head again.
Compelling the lower class to make the nation's biggest sucker bets with "it's fun!" & "if you don't play, you can't win" are an obnoxious compromise of ethics.
#powerball

Towards Reliable Generative AI-Driven Scaffolding: Reducing Hallucinations and Enhancing Quality in Self-Regulated Learning Support
Keyang Qian, Shiqi Liu, Tongguang Li, Mladen Rakovi\'c, Xinyu Li, Rui Guan, Inge Molenaar, Sadia Nawaz, Zachari Swiecki, Lixiang Yan, Dragan Ga\v{s}evi\'c
https://arxiv.org/abs/2508.05929

Towards Reliable Generative AI-Driven Scaffolding: Reducing Hallucinations and Enhancing Quality in Self-Regulated Learning Support
Generative Artificial Intelligence (GenAI) holds a potential to advance existing educational technologies with capabilities to automatically generate personalised scaffolds that support students' self-regulated learning (SRL). While advancements in large language models (LLMs) promise improvements in the adaptability and quality of educational technologies for SRL, there remain concerns about the hallucinations in content generated by LLMs, which can compromise both the learning experience and …

⚠ Russia wants to guarantee peace, but doesn't sign the agreement – is a compromise possible?#shorts: https://benborges.xyz/2025/08/24/russia-wants-to-guarantee-peace.html…

Quantitative In Vivo Cherenkov Luminescence Imaging and Dosimetry of Yttrium-86-NM600
Campbell Haasch, Malick Bio Idrissou, Sydney Jupitz, Aubrey Parks, Reinier Hernandez, Brian Pogue, Bryan Bednarz
https://arxiv.org/abs/2509.13533

Quantitative In Vivo Cherenkov Luminescence Imaging and Dosimetry of Yttrium-86-NM600
Purpose: The expansion of radiopharmaceutical therapy (RPT) development demands scalable preclinical dosimetry methods. While PET and SPECT remain the gold standards, their low throughput and high cost limit large-cohort studies. Cherenkov luminescence imaging (CLI) offers a high-throughput alternative but suffers from depth-dependent attenuation and photon scatter that compromise quantitative accuracy. This work develops and validates a quantitative CLI methodology incorporating attenuation an…

Palo Alto confirms Salesloft Drift Integration was used to compromise Salesforce instances
https://unit42.paloaltonetworks.com/threat-brief-compromised-salesforce-instances/

Threat Brief: Salesloft Drift Integration Used To Compromise Salesforce Instances
This Threat Brief discusses observations on a campaign leveraging Salesloft Drift integration to exfiltrate data via compromised OAuth credentials.

To my way of thinking it is better to starve a mad dog than to feed it.
If this shutdown slows down the destruction being caused by the maga-klan then the hurt we will feel from the shutdown will be more than repaid by the retardation of our rapid descent into fascism, inflation, and international irrelevance.

Shutdown nears as congressional leaders meet with Trump
Democratic congressional leaders have left a White House meeting without a deal with President Donald Trump and Republicans to avoid a government shutdown. Trump is making it clear he has no intention to negotiate on Democrats’ current terms. Democrats are insisting on action to extend health care benefits, but Republicans are refusing to compromise. If government funding legislation is not passed by Congress and signed by Trump on Tuesday night, many government offices will be temporarily sh…

"Yes, years of compromise and disappointment have added depth to my acting."
-Rufus Sewell
#acting #coaching #inspiration

Dense Video Understanding with Gated Residual Tokenization
Haichao Zhang, Wenhao Chai, Shwai He, Ang Li, Yun Fu
https://arxiv.org/abs/2509.14199 https://ar…

Dense Video Understanding with Gated Residual Tokenization
High temporal resolution is essential for capturing fine-grained details in video understanding. However, current video large language models (VLLMs) and benchmarks mostly rely on low-frame-rate sampling, such as uniform sampling or keyframe selection, discarding dense temporal information. This compromise avoids the high cost of tokenizing every frame, which otherwise leads to redundant computation and linear token growth as video length increases. While this trade-off works for slowly changin…

Gov. Gavin Newsom signs a bill that gives ride-hailing drivers in California the right to unionize while remaining classified as independent contractors (Associated Press)
https://apnews.com/article/lyft-uber-rideshare-driver-union-cali…

California Uber and Lyft drivers get union rights
California Gov. Gavin Newsom has signed a bill allowing 800,000 Uber and Lyft drivers in the state to join a union and bargain collectively for better wages and benefits. The legislation is a significant compromise in the yearslong battle between labor unions and tech companies over drivers’ rights. California is the second state to give rideshare drivers the right to unionize. In exchange, Newsom also agreed to sign a bill supported by Uber and Lyft to lower the companies’ insurance requir…

Invitation Is All You Need! Promptware Attacks Against LLM-Powered Assistants in Production Are Practical and Dangerous
Ben Nassi, Stav Cohen, Or Yair
https://arxiv.org/abs/2508.12175

Invitation Is All You Need! Promptware Attacks Against LLM-Powered Assistants in Production Are Practical and Dangerous
The growing integration of LLMs into applications has introduced new security risks, notably known as Promptware - maliciously engineered prompts designed to manipulate LLMs to compromise the CIA triad of these applications. While prior research warned about a potential shift in the threat landscape for LLM-powered applications, the risk posed by Promptware is frequently perceived as low. In this paper, we investigate the risk Promptware poses to users of Gemini-powered assistants (web applicat…

Reduction of motion artifacts from photoplethysmography signals using learned convolutional sparse coding
Giulio Basso, Xi Long, Reinder Haakma, Rik Vullings
https://arxiv.org/abs/2508.10805

Reduction of motion artifacts from photoplethysmography signals using learned convolutional sparse coding
Objective. Wearable devices with embedded photoplethysmography (PPG) enable continuous non-invasive monitoring of cardiac activity, offering a promising strategy to reduce the global burden of cardiovascular diseases. However, monitoring during daily life introduces motion artifacts that can compromise the signals. Traditional signal decomposition techniques often fail with severe artifacts. Deep learning denoisers are more effective but have poorer interpretability, which is critical for clini…

A top Social Security Administration official turned whistleblower
says members of the Trump administration’s Department of Government Efficiency (DOGE)
uploaded hundreds of millions of Social Security records to a vulnerable cloud server,
putting the personal information of most Americans at risk of compromise.
Charles Borges, the Social Security Administration’s chief data officer,
said in a newly released whistleblower complaint published Tuesday
that o…

DOGE uploaded live copy of Social Security database to 'vulnerable' cloud server, says whistleblower | TechCrunch
The Social Security Administration's chief data officer has publicly blown the whistle, alleging DOGE put hundreds of millions of Social Security records at risk of compromise.

BWCache: Accelerating Video Diffusion Transformers through Block-Wise Caching
Hanshuai Cui, Zhiqing Tang, Zhifei Xu, Zhi Yao, Wenyi Zeng, Weijia Jia
https://arxiv.org/abs/2509.13789

BWCache: Accelerating Video Diffusion Transformers through Block-Wise Caching
Recent advancements in Diffusion Transformers (DiTs) have established them as the state-of-the-art method for video generation. However, their inherently sequential denoising process results in inevitable latency, limiting real-world applicability. Existing acceleration methods either compromise visual quality due to architectural modifications or fail to reuse intermediate features at proper granularity. Our analysis reveals that DiT blocks are the primary contributors to inference latency. Ac…

It's worth remembering that the civil war was a slave revolt:
#USPol

LinguaSim: Interactive Multi-Vehicle Testing Scenario Generation via Natural Language Instruction Based on Large Language Models
Qingyuan Shi, Qingwen Meng, Hao Cheng, Qing Xu, Jianqiang Wang
https://arxiv.org/abs/2510.08046

LinguaSim: Interactive Multi-Vehicle Testing Scenario Generation via Natural Language Instruction Based on Large Language Models
The generation of testing and training scenarios for autonomous vehicles has drawn significant attention. While Large Language Models (LLMs) have enabled new scenario generation methods, current methods struggle to balance command adherence accuracy with the realism of real-world driving environments. To reduce scenario description complexity, these methods often compromise realism by limiting scenarios to 2D, or open-loop simulations where background vehicles follow predefined, non-interactive…

Never Compromise to Vulnerabilities: A Comprehensive Survey on AI Governance
Yuchu Jiang, Jian Zhao, Yuchen Yuan, Tianle Zhang, Yao Huang, Yanghao Zhang, Yan Wang, Yanshu Li, Xizhong Guo, Yusheng Zhao, Jun Zhang, Zhi Zhang, Xiaojian Lin, Yixiu Zou, Haoxuan Ma, Yuhu Shang, Yuzhi Hu, Keshu Cai, Ruochen Zhang, Boyuan Chen, Yilan Gao, Ziheng Jiao, Yi Qin, Shuangjun Du, Xiao Tong, Zhekun Liu, Yu Chen, Xuankun Rong, Rui Wang, Yejie Zheng, Zhaoxin Fan, Hongyuan Zhang, Pan Zhou, Lei Jin, Hao Z…

Never Compromise to Vulnerabilities: A Comprehensive Survey on AI Governance
The rapid advancement of AI has expanded its capabilities across domains, yet introduced critical technical vulnerabilities, such as algorithmic bias and adversarial sensitivity, that pose significant societal risks, including misinformation, inequity, security breaches, physical harm, and eroded public trust. These challenges highlight the urgent need for robust AI governance. We propose a comprehensive framework integrating technical and societal dimensions, structured around three interconne…

Anchoring Refusal Direction: Mitigating Safety Risks in Tuning via Projection Constraint
Yanrui Du, Fenglei Fan, Sendong Zhao, Jiawei Cao, Qika Lin, Kai He, Ting Liu, Bing Qin, Mengling Feng
https://arxiv.org/abs/2509.06795

Anchoring Refusal Direction: Mitigating Safety Risks in Tuning via Projection Constraint
Instruction Fine-Tuning (IFT) has been widely adopted as an effective post-training strategy to enhance various abilities of Large Language Models (LLMs). However, prior studies have shown that IFT can significantly compromise LLMs' safety, particularly their ability to refuse malicious instructions, raising significant concerns. Recent research into the internal mechanisms of LLMs has identified the refusal direction (r-direction) in the hidden states, which plays a pivotal role in governing r…

Latent Policy Barrier: Learning Robust Visuomotor Policies by Staying In-Distribution
Zhanyi Sun, Shuran Song
https://arxiv.org/abs/2508.05941 https://arxi…

Latent Policy Barrier: Learning Robust Visuomotor Policies by Staying In-Distribution
Visuomotor policies trained via behavior cloning are vulnerable to covariate shift, where small deviations from expert trajectories can compound into failure. Common strategies to mitigate this issue involve expanding the training distribution through human-in-the-loop corrections or synthetic data augmentation. However, these approaches are often labor-intensive, rely on strong task assumptions, or compromise the quality of imitation. We introduce Latent Policy Barrier, a framework for robust …

OBsmith: Testing JavaScript Obfuscator using LLM-powered sketching
Shan Jiang, Chenguang Zhu, Sarfraz Khurshid
https://arxiv.org/abs/2510.10066 https://arx…

OBsmith: Testing JavaScript Obfuscator using LLM-powered sketching
JavaScript obfuscators are widely deployed to protect intellectual property and resist reverse engineering, yet their correctness has been largely overlooked compared to performance and resilience. Existing evaluations typically measure resistance to deobfuscation, leaving the critical question of whether obfuscators preserve program semantics unanswered. Incorrect transformations can silently alter functionality, compromise reliability, and erode security-undermining the very purpose of obfusc…

Composable Score-based Graph Diffusion Model for Multi-Conditional Molecular Generation
Anjie Qiao, Zhen Wang, Chuan Chen, DeFu Lian, Enhong Chen
https://arxiv.org/abs/2509.09451

Composable Score-based Graph Diffusion Model for Multi-Conditional Molecular Generation
Controllable molecular graph generation is essential for material and drug discovery, where generated molecules must satisfy diverse property constraints. While recent advances in graph diffusion models have improved generation quality, their effectiveness in multi-conditional settings remains limited due to reliance on joint conditioning or continuous relaxations that compromise fidelity. To address these limitations, we propose Composable Score-based Graph Diffusion model (CSGD), the first mo…

Detaining US citizen upon returning to US in attempt to compromise student information in a school system, claiming they have no Constitutional rights, is ice this week.
https://www.yahoo.com/news/videos/vermont-school-superintendent-detained-tri…

Vermont school superintendent detained after trip to Nicaragua
Wilmer Chavarria, the superintendent of the Winooski School District, was held by U.S. Customs and Border Protection while returning to the country after...

Navigating the Dual-Use Nature and Security Implications of Reconfigurable Intelligent Surfaces in Next-Generation Wireless Systems
Hetong Wang, Tiejun Lv, Yashuai Cao, Weicai Li, Jie Zeng, Pingmu Huang, Muhammad Khurram Khan
https://arxiv.org/abs/2510.11113

Navigating the Dual-Use Nature and Security Implications of Reconfigurable Intelligent Surfaces in Next-Generation Wireless Systems
Reconfigurable intelligent surface (RIS) technology offers significant promise in enhancing wireless communication systems, but its dual-use potential also introduces substantial security risks. This survey explores the security implications of RIS in next-generation wireless networks. We first highlight the dual-use nature of RIS, demonstrating how its communication-enhancing capabilities can be exploited by adversaries to compromise legitimate users. We identify a new class of security vulner…

MoGU V2: Toward a Higher Pareto Frontier Between Model Usability and Security
Yanrui Du, Fenglei Fan, Sendong Zhao, Jiawei Cao, Ting Liu, Bing Qin
https://arxiv.org/abs/2509.06807

MoGU V2: Toward a Higher Pareto Frontier Between Model Usability and Security
As Large Language Models (LLMs) increasingly permeate human life, their security has emerged as a critical concern, particularly their ability to maintain harmless responses to malicious instructions. Although extensive methods have improved LLMs' security, they often lead to conservative, rejection-oriented responses that compromise practical usability. This presents a key challenge: how to advance the Pareto frontier between LLMs' usability and security, rather than necessitate a trade-off be…

“ Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System”
#china

FBI warns of Scattered Spider and ShinyHunters attacks on Salesforce platforms https://therecord.media/fbi-warns-scattered-spider-salesforce

Poisoning Attacks on LLMs Require a Near-constant Number of Poison Samples
Alexandra Souly, Javier Rando, Ed Chapman, Xander Davies, Burak Hasircioglu, Ezzeldin Shereen, Carlos Mougan, Vasilios Mavroudis, Erik Jones, Chris Hicks, Nicholas Carlini, Yarin Gal, Robert Kirk
https://arxiv.org/abs/2510.07192…

Poisoning Attacks on LLMs Require a Near-constant Number of Poison Samples
Poisoning attacks can compromise the safety of large language models (LLMs) by injecting malicious documents into their training data. Existing work has studied pretraining poisoning assuming adversaries control a percentage of the training corpus. However, for large models, even small percentages translate to impractically large amounts of data. This work demonstrates for the first time that poisoning attacks instead require a near-constant number of documents regardless of dataset size. We co…

Diffusion Transformers with Representation Autoencoders
Boyang Zheng, Nanye Ma, Shengbang Tong, Saining Xie
https://arxiv.org/abs/2510.11690 https://arxiv.…

Diffusion Transformers with Representation Autoencoders
Latent generative modeling, where a pretrained autoencoder maps pixels into a latent space for the diffusion process, has become the standard strategy for Diffusion Transformers (DiT); however, the autoencoder component has barely evolved. Most DiTs continue to rely on the original VAE encoder, which introduces several limitations: outdated backbones that compromise architectural simplicity, low-dimensional latent spaces that restrict information capacity, and weak representations that result f…

SoK: How Sensor Attacks Disrupt Autonomous Vehicles: An End-to-end Analysis, Challenges, and Missed Threats
Qingzhao Zhang, Shaocheng Luo, Z. Morley Mao, Miroslav Pajic, Michael K. Reiter
https://arxiv.org/abs/2509.11120

SoK: How Sensor Attacks Disrupt Autonomous Vehicles: An End-to-end Analysis, Challenges, and Missed Threats
Autonomous vehicles, including self-driving cars, robotic ground vehicles, and drones, rely on complex sensor pipelines to ensure safe and reliable operation. However, these safety-critical systems remain vulnerable to adversarial sensor attacks that can compromise their performance and mission success. While extensive research has demonstrated various sensor attack techniques, critical gaps remain in understanding their feasibility in real-world, end-to-end systems. This gap largely stems from…

CISA urges orgs to review software after ‘Shai-Hulud’ supply chain compromise https://therecord.media/cisa-urges-software-reviews-malicious-packages

Lightweight CNN-Based Wi-Fi Intrusion Detection Using 2D Traffic Representations
Rayed Suhail Ahmad, Rehan Ahmad, Quamar Niyaz
https://arxiv.org/abs/2510.11898 https://

Lightweight CNN-Based Wi-Fi Intrusion Detection Using 2D Traffic Representations
Wi-Fi networks are ubiquitous in both home and enterprise environments, serving as a primary medium for Internet access and forming the backbone of modern IoT ecosystems. However, their inherent vulnerabilities, combined with widespread adoption, create opportunities for malicious actors to gain unauthorized access or compromise sensitive data stored on connected devices. To address these challenges, we propose a deep learning based network intrusion detection system (NIDS) for Wi-Fi environmen…

A Structured Review of Underwater Object Detection Challenges and Solutions: From Traditional to Large Vision Language Models
Edwine Nabahirwa, Wei Song, Minghua Zhang, Yi Fang, Zhou Ni
https://arxiv.org/abs/2509.08490

A Structured Review of Underwater Object Detection Challenges and Solutions: From Traditional to Large Vision Language Models
Underwater object detection (UOD) is vital to diverse marine applications, including oceanographic research, underwater robotics, and marine conservation. However, UOD faces numerous challenges that compromise its performance. Over the years, various methods have been proposed to address these issues, but they often fail to fully capture the complexities of underwater environments. This review systematically categorizes UOD challenges into five key areas: Image quality degradation, target-relat…

TraceAegis: Securing LLM-Based Agents via Hierarchical and Behavioral Anomaly Detection
Jiahao Liu, Bonan Ruan, Xianglin Yang, Zhiwei Lin, Yan Liu, Yang Wang, Tao Wei, Zhenkai Liang
https://arxiv.org/abs/2510.11203

TraceAegis: Securing LLM-Based Agents via Hierarchical and Behavioral Anomaly Detection
LLM-based agents have demonstrated promising adaptability in real-world applications. However, these agents remain vulnerable to a wide range of attacks, such as tool poisoning and malicious instructions, that compromise their execution flow and can lead to serious consequences like data breaches and financial loss. Existing studies typically attempt to mitigate such anomalies by predefining specific rules and enforcing them at runtime to enhance safety. Yet, designing comprehensive rules is di…

Effective Training Data Synthesis for Improving MLLM Chart Understanding
Yuwei Yang, Zeyu Zhang, Yunzhong Hou, Zhuowan Li, Gaowen Liu, Ali Payani, Yuan-Sen Ting, Liang Zheng
https://arxiv.org/abs/2508.06492

Effective Training Data Synthesis for Improving MLLM Chart Understanding
Being able to effectively read scientific plots, or chart understanding, is a central part toward building effective agents for science. However, existing multimodal large language models (MLLMs), especially open-source ones, are still falling behind with a typical success rate of 30%-50% on challenging benchmarks. Previous studies on fine-tuning MLLMs with synthetic charts are often restricted by their inadequate similarity to the real charts, which could compromise model training and performa…

Designing with Deception: ML- and Covert Gate-Enhanced Camouflaging to Thwart IC Reverse Engineering
Junling Fan, David Koblah, Domenic Forte
https://arxiv.org/abs/2508.08462 ht…

Designing with Deception: ML- and Covert Gate-Enhanced Camouflaging to Thwart IC Reverse Engineering
Integrated circuits (ICs) are essential to modern electronic systems, yet they face significant risks from physical reverse engineering (RE) attacks that compromise intellectual property (IP) and overall system security. While IC camouflage techniques have emerged to mitigate these risks, existing approaches largely focus on localized gate modifications, neglecting comprehensive deception strategies. To address this gap, we present a machine learning (ML)-driven methodology that integrates cryp…

Modern iOS Security Features -- A Deep Dive into SPTM, TXM, and Exclaves
Moritz Steffin, Jiska Classen
https://arxiv.org/abs/2510.09272 https://arxiv.org/p…

Modern iOS Security Features -- A Deep Dive into SPTM, TXM, and Exclaves
The XNU kernel is the basis of Apple's operating systems. Although labeled as a hybrid kernel, it is found to generally operate in a monolithic manner by defining a single privileged trust zone in which all system functionality resides. This has security implications, as a kernel compromise has immediate and significant effects on the entire system. Over the past few years, Apple has taken steps towards a more compartmentalized kernel architecture and a more microkernel-like design. To date, th…

Membrane: A Cryptographic Access Control System for Data Lakes
Sam Kumar, Samyukta Yagati, Conor Power, David E. Culler, Raluca Ada Popa
https://arxiv.org/abs/2509.08740 https:/…

Membrane: A Cryptographic Access Control System for Data Lakes
Organizations use data lakes to store and analyze sensitive data. But hackers may compromise data lake storage to bypass access controls and access sensitive data. To address this, we propose Membrane, a system that (1) cryptographically enforces data-dependent access control views over a data lake, (2) without restricting the analytical queries data scientists can run. We observe that data lakes, unlike DBMSes, disaggregate computation and storage into separate trust domains, making at-rest en…

Stealth by Conformity: Evading Robust Aggregation through Adaptive Poisoning
Ryan McGaughey, Jesus Martinez del Rincon, Ihsen Alouani
https://arxiv.org/abs/2509.08746 https://…

Stealth by Conformity: Evading Robust Aggregation through Adaptive Poisoning
Federated Learning (FL) is a distributed learning paradigm designed to address privacy concerns. However, FL is vulnerable to poisoning attacks, where Byzantine clients compromise the integrity of the global model by submitting malicious updates. Robust aggregation methods have been widely adopted to mitigate such threats, relying on the core assumption that malicious updates are inherently out-of-distribution and can therefore be identified and excluded before aggregating client updates. In th…

Blockchain-Based Decentralized Domain Name System
Guang Yang, Peter Trinh, Alma Nkemla, Amuru Serikyaku, Edward Tatchim, Osman Sharaf
https://arxiv.org/abs/2508.05655 https://…

Blockchain-Based Decentralized Domain Name System
The current Domain Name System (DNS) infrastructure faces critical vulnerabilities including poisoning attacks, censorship mechanisms, and centralized points of failure that compromise internet freedom and security. Recent incidents such as DNS poisoning attacks on ISP customers highlight the urgent need for resilient alternatives. This paper presents a novel blockchain-based Decentralized Domain Name System (DDNS). We designed a specialized Proof-of-Work blockchain to maximize support for DNS-…

SilentLedger: Privacy-Preserving Auditing for Blockchains with Complete Non-Interactivity
Zihan Liu, Xiaohu Wang, Chao Lin, Minghui Xu, Debiao He, Xinyi Huang
https://arxiv.org/abs/2509.08722

SilentLedger: Privacy-Preserving Auditing for Blockchains with Complete Non-Interactivity
Privacy-preserving blockchain systems are essential for protecting transaction data, yet they must also provide auditability that enables auditors to recover participant identities and transaction amounts when warranted. Existing designs often compromise the independence of auditing and transactions, introducing extra interactions that undermine usability and scalability. Moreover, many auditable solutions depend on auditors serving as validators or recording nodes, which introduces risks to bo…

GNN-enhanced Traffic Anomaly Detection for Next-Generation SDN-Enabled Consumer Electronics
Guan-Yan Yang, Farn Wang, Kuo-Hui Yeh
https://arxiv.org/abs/2510.07109 https://

GNN-enhanced Traffic Anomaly Detection for Next-Generation SDN-Enabled Consumer Electronics
Consumer electronics (CE) connected to the Internet of Things are susceptible to various attacks, including DDoS and web-based threats, which can compromise their functionality and facilitate remote hijacking. These vulnerabilities allow attackers to exploit CE for broader system attacks while enabling the propagation of malicious code across the CE network, resulting in device failures. Existing deep learning-based traffic anomaly detection systems exhibit high accuracy in traditional network …

A multi-layered embedded intrusion detection framework for programmable logic controllers
Rishabh Das. Aaron Werth, Tommy Morris
https://arxiv.org/abs/2510.07171 https://…

A multi-layered embedded intrusion detection framework for programmable logic controllers
Industrial control system (ICS) operations use trusted endpoints like human machine interfaces (HMIs) and workstations to relay commands to programmable logic controllers (PLCs). Because most PLCs lack layered defenses, compromise of a trusted endpoint can drive unsafe actuator commands and risk safety-critical operation. This research presents an embedded intrusion detection system that runs inside the controller and uses header-level telemetry to detect and respond to network attacks. The sys…

P2P: A Poison-to-Poison Remedy for Reliable Backdoor Defense in LLMs
Shuai Zhao, Xinyi Wu, Shiqian Zhao, Xiaobao Wu, Zhongliang Guo, Yanhao Jia, Anh Tuan Luu
https://arxiv.org/abs/2510.04503

P2P: A Poison-to-Poison Remedy for Reliable Backdoor Defense in LLMs
During fine-tuning, large language models (LLMs) are increasingly vulnerable to data-poisoning backdoor attacks, which compromise their reliability and trustworthiness. However, existing defense strategies suffer from limited generalization: they only work on specific attack types or task settings. In this study, we propose Poison-to-Poison (P2P), a general and effective backdoor defense algorithm. P2P injects benign triggers with safe alternative labels into a subset of training samples and fi…