Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...
IEEE

Continuous Authentication in IoT-based Smart Home Application: A Survey and a Design Framework Using Vector Similarity Search

Abstract: Consumer electronics (CE) in Internet of Things (IoT)-based smart home applications are rapidly growing and used as a daily life part. Authentication has been utilized for decades to secure ...
GitHub

SQLBarber: Leverageing Large Language Models Generate Customized and Realistic SQL Workloads (SIGMOD 2026)

Database research and development often require a large number of SQL queries for benchmarking purposes. However, acquiring real-world SQL queries is challenging due to privacy concerns, and existing ...
Security Boulevard

LeakyLooker: Hacking Google Cloud’s Data via Dangerous Looker Studio Vulnerabilities

Tenable Research revealed "LeakyLooker," a set of nine novel cross-tenant vulnerabilities in Google Looker Studio. These flaws could have let attackers exfiltrate or modify data across Google services ...
IEEE

PQ-ABS: Post-Quantum Aggregate Blind Signature-Based Anonymous Authentication for Blockchain-Enabled IoMT

Abstract: Blockchain-enabled Internet of Medical Things (BIoMT) systems require secure and anonymous authentication. However, existing mechanisms rely on classical cryptography, which becomes ...
GitHub

A Forge 1.20.x mod that securely verifies premium accounts on an offline-mode server during the login phase, without sending the player's access token to the server.

Ask the client to perform Mojang "joinServer" locally. Verify with Mojang Session Server from the server using a nonce. If verification passes: replace the player's UUID with the official premium UUID ...