
2025-09-25 16:56:04
Here's what you need to know about the RCE flaw in the Cisco appliance software
Cisco: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-code-exec-WmfP3h3O
NCSC:
Here's what you need to know about the RCE flaw in the Cisco appliance software
Cisco: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-code-exec-WmfP3h3O
NCSC:
Free software communities offer ethical alternatives to the centralised platforms by the web giants:
It is possible to find trusted services that respect your privacy
https://degooglisons-internet.org/en/
Wow, this seems like a big deal - an RCE in some critical Cisco products that can be exploited by low-privilege users.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-code-exec-WmfP3h3O
Experience Deploying Containerized GenAI Services at an HPC Center
Angel M. Beltre, Jeff Ogden, Kevin Pedretti
https://arxiv.org/abs/2509.20603 https://arx…
Mastodon, the nonprofit behind the social network, plans to offer paid hosting, moderation, and support services for organizations joining the fediverse (Sarah Perez/TechCrunch)
https://techcrunch.com/2025/09/19/mast
The Atacama Cosmology Telescope: Release of A databaSe of millimeTeR ObservatioNs of Asteroids Using acT (ASTRONAUT)
Ricco C. Venterea, John Orlowski-Scherer, Nicholas Battaglia, Sigurd Naess, Steve K. Choi, Allen Foster, Joseph Golec, Bruce Patridge, Crist\'obal Sif\'on
https://arxiv.org/abs/2508.18300
Colt Technology Services has confirmed that data was stolen in a recent cyberattack that disrupted its operations.
The admission comes as the Warlock ransomware gang begins auctioning what it claims are over a million stolen documents on its dark web site.
https://www.computing.co.uk/news/202…
New today - #Apple #MacAdmins could previously restrict "my org's Managed Apple Accounts can -only- be used on org owned devices"
Today the converse is now available: You can enforce that on org devices, only your org's Managed Apple Accounts are allowed to sign into that device
https://support.apple.com/guide/apple-business-manager/customize-user-access-apps-services-axm53xk34bq/1/web/1#axmc181646cf
Building a robust OAuth token based API Security: A High level Overview
Senthilkumar Gopal
https://arxiv.org/abs/2507.16870 https://arxiv.org/pdf/2507.1687…
Mastodon erhält neue Hosting- und Support-Angebote, die auf größere Organisationen und öffentliche Einrichtungen zugeschnitten sind. Diese ermöglichen es ihnen, ihre eigene soziale Identität auf ihrer eigenen Infrastruktur zu besitzen.
Ideal für Unis, Institute, Stiftungen oder NGOs um eine resiliente und kontrollierbare Kommunikation aufzubauen, unabhängig von BigTech.
Auch Schulen können eigene Instanzen für souveränes social media aufbauen.
DBOS Network Sensing: A Web Services Approach to Collaborative Awareness
Sophia Lockton, Jeremy Kepner, Michael Stonebraker, Hayden Jananthan, LaToya Anderson, William Arcand, David Bestor, William Bergeron, Alex Bonn, Daniel Burrill, Chansup Byun, Timothy Davis, Vijay Gadepally, Michael Houle, Matthew Hubbell, Michael Jones, Piotr Luszczek, Peter Michaleas, Lauren Milechin, Chasen Milner, Guillermo Morales, Julie Mullen, Michel Pelletier, Alex Poliakov, Andrew Prout, Albert Reuther, A…
what a drag. i really enjoyed @… & @…. https://
For those interested in local and self-hosting, gonna be running our monthly #libre/#FOSS catchup at https://meeting.iridescent.nz tonight at 20:00 NZST talking about migrating our *many* web services built with Doc…
Throttling Web Agents Using Reasoning Gates
Abhinav Kumar, Jaechul Roh, Ali Naseh, Amir Houmansadr, Eugene Bagdasarian
https://arxiv.org/abs/2509.01619 https://
Security smells in infrastructure as code: a taxonomy update beyond the seven sins
Aicha War, Serge L. B. Nikiema, Jordan Samhi, Jacques Klein, Tegawende F. Bissyande
https://arxiv.org/abs/2509.18761
Most #RESTful #APIs aren't really RESTful
https://florian-krae…
Instead of relying entirely on donations and grants as before,
Mastodon announced on Friday that it will now offer paid hosting, moderation, and support services for organizations that want to join the open social web.
That network, also called the fediverse, offers a way for individuals and organizations to set up their own servers that interconnect with others that run the same protocol, ActivityPub.
ActivityPub powers a number of different software applications, includin…
Google Cloud has competed well against AWS in AI, attracting business from The Browser Company, Safe Superintelligence, Thinking Machines Lab, and OpenAI (Kevin McLaughlin/The Information)
https://www.theinformation.com/articles/google-finds-crack-amazons-c…
I boosted this the other day:
https://w3c.social/@wai/115131341361675726
But I have not yet read the Accessibility Maturity Model Draft Note:
https:/…
Apologies for the downtime on phpc.social this morning. Restarted services a little too early. We're good to go now (indexing ElasticSearch items in the background for the rest of the day but the site is functional otherwise).
In related news, phpc.social is now running Mastodon 4.4.1, hence it looking a bit different from before if you're using the web UI.
#MastoAdmin
Fast and Interactive Byzantine Fault-tolerant Web Services via Session-Based Consensus Decoupling
Ahmad Zaki Akmal, Azkario Rizky Pratama, Guntur Dharma Putra
https://arxiv.org/abs/2507.08281
Artificial Intelligence in Rural Healthcare Delivery: Bridging Gaps and Enhancing Equity through Innovation
Kiruthika Balakrishnan, Durgadevi Velusamy, Hana E. Hinkle, Zhi Li, Karthikeyan Ramasamy, Hikmat Khan, Srini Ramaswamy, Pir Masoom Shah
https://arxiv.org/abs/2508.11738
AI is flooding libraries with generated content just as budgets and staff are at their most precarious. This Thursday at 10am EDT my ASIS&T webinar asks if we need to ban it, label it, absorb it—or rethink the library itself.
https://www.asist.org/meetings-events/webi
MCPmed: A Call for MCP-Enabled Bioinformatics Web Services for LLM-Driven Discovery
Matthias Flotho (Chair for Clinical Bioinformatics, Center for Bioinformatics, Saarland University, Germany, Helmholtz Institute for Pharmaceutical Research Saarland), Ian Ferenc Diks (Chair for Clinical Bioinformatics, Center for Bioinformatics, Saarland University, Germany, Helmholtz Institute for Pharmaceutical Research Saarland), Philipp Flotho (Chair for Clinical Bioinformatics, Center for Bioinfor…
Enabling Content Management Systems as an Information Source in Model-driven Projects
Joan Giner-Miguelez, Abel G\'omez, Jordi Cabot
https://arxiv.org/abs/2508.19797 https:/…
Amazon rarely publicly discusses take down or incident response actions, which I'd guess makes this noteworthy:
https://aws.amazon.com/blogs/security/amazon-disrupts-watering-hole-campaign-by-russias-apt29/
A little tip to all those folks using Amazon Web Services or Microsoft Azure or Google Cloud: you're paying ~ 20x more than you need to be paying. If you claim you're using 'special services only provided by __insert name of ripoff cloud provider here__' then you've got your organisation locked into a single provider with the inability to move to a better one. Consider your options very carefully & build vendor-agnostic systems. Dependence on
Cyber security of Mega Events: A Case Study of Securing the Digital Infrastructure for MahaKumbh 2025 -- A 45 days Mega Event of 600 Million Footfalls
Rohit Negi, Amit Negi, Manish Sharma, S. Venkatesan, Prem Kumar, Sandeep K. Shukla
https://arxiv.org/abs/2507.15660
Crosslisted article(s) found for cs.OS. https://arxiv.org/list/cs.OS/new
[1/1]:
- DBOS Network Sensing: A Web Services Approach to Collaborative Awareness
Sophia Lockton, et al.
Uniting the World by Dividing it: Federated Maps to Enable Spatial Applications
Sagar Bharadwaj, Srinivasan Seshan, Anthony Rowe
https://arxiv.org/abs/2507.11437
Source: Nvidia is scaling back DGX Cloud to primarily internal R&D use; DGX Cloud was initially envisioned to compete with major cloud providers like AWS (Anissa Gardizy/The Information)
https://www.theinformation.com/articles/nvidia-steps-back-cloud-ef…
SRWToolkit: An Open Source Wizard of Oz Toolkit to Create Social Robotic Avatars
Atikkhan Faridkhan Nilgar, Kristof Van Laerhoven, Ayub Kinoti
https://arxiv.org/abs/2509.04356 h…
Unveiling Usability Challenges in Web Privacy Controls
Rahat Masood, Sunday Oyinlola Ogundoyin, Muhammad Ikram, Alex Ye
https://arxiv.org/abs/2507.11908 ht…
Die Abhängigkeit Europas von ausländischer IT Tech ist groß und besteht schon lange. Der Großteil der staatlichen Dienstleistungen, der Gesundheitssysteme und der Infrastruktur des Privatsektors läuft auf Plattformen, die von Microsoft, Amazon Web Services (AWS) und Google kontrolliert werden
https://thenextweb.com/…
Can Large Language Models Understand As Well As Apply Patent Regulations to Pass a Hands-On Patent Attorney Test?
Bhakti Khera, Rezvan Alamian, Pascal A. Scherz, Stephan M. Goetz
https://arxiv.org/abs/2507.10576
Quantum-Classical Auxiliary Field Quantum Monte Carlo with Matchgate Shadows on Trapped Ion Quantum Computers
Luning Zhao, Joshua J. Goings, Willie Aboumrad, Andrew Arrasmith, Lazaro Calderin, Spencer Churchill, Dor Gabay, Thea Harvey-Brown, Melanie Hiles, Magda Kaja, Matthew Keesan, Karolina Kulesz, Andrii Maksymov, Mei Maruo, Mauricio Mu\~noz, Bas Nijholt, Rebekah Schiller, Yvette de Sereville, Amy Smidutz, Felix Tripier, Grace Yao, Trishal Zaveri, Coleman Collins, Martin Roetteler, …
Sources: AWS is launching a marketplace for AI agents, with Anthropic as one of its partners, at the AWS Summit in NYC next week (Jagmeet Singh/TechCrunch)
https://techcrunch.com/2025/07/10/aws-is-launching-an-ai-ag…
OASBuilder: Generating OpenAPI Specifications from Online API Documentation with Large Language Models
Koren Lazar, Matan Vetzler, Kiran Kate, Jason Tsay, David Boaz Himanshu Gupta, Avraham Shinnar, Rohith D Vallam, David Amid Esther Goldbraich, Guy Uziel, Jim Laredo, Ateret Anaby Tavor
https://arxiv.org/abs/2507.05316
Crosslisted article(s) found for cs.DC. https://arxiv.org/list/cs.DC/new
[1/1]:
- DBOS Network Sensing: A Web Services Approach to Collaborative Awareness
Sophia Lockton, et al.
Breaking Obfuscation: Cluster-Aware Graph with LLM-Aided Recovery for Malicious JavaScript Detection
Zhihong Liang, Xin Wang, Zhenhuang Hu, Liangliang Song, Lin Chen, Jingjing Guo, Yanbin Wang, Ye Tian
https://arxiv.org/abs/2507.22447
Using Containers to Speed Up Development, to Run Integration Tests and to Teach About Distributed Systems
Marco Mambelli, Bruno Moreira Coimbra, Namratha Urs, Ilya Baburashvili
https://arxiv.org/abs/2507.21464
Trivial Trojans: How Minimal MCP Servers Enable Cross-Tool Exfiltration of Sensitive Data
Nicola Croce, Tobin South
https://arxiv.org/abs/2507.19880 https://