Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
GitHub

️ TypeScript Image Resizer: Zero-dependency module for resizing images using DOM File object. Returns base64 encoded string in Rust-like result object. Utilizes Canvas ...

This powerful module, written entirely in TypeScript, empowers you to seamlessly resize images using the DOM File object as input. With its sleek implementation, it harnesses the mighty Canvas browser ...
GitHub

SED: A Simple Encoder-Decoder for Open-Vocabulary Semantic Segmentation

We propose an encoder-decoder for open-vocabulary semantic segmentation comprising a hierarchical encoder-based cost map generation and a gradual fusion decoder. We introduce a category early ...
IEEE

Encoder-Free Multiaxis Physics-Aware Fusion Network for Remote Sensing Image Dehazing

Abstract: Current methods for remote sensing image dehazing confront noteworthy computational intricacies and yield suboptimal dehazed outputs, thereby circumscribing their pragmatic applicability. To ...
IEEE

Privacy-Encoded Federated Learning Against Gradient-Based Data Reconstruction Attacks

Abstract: Federated learning (FL) enables multiple local clients to collaboratively train a global model, which can reduce privacy leakage by sharing model parameters instead of private datasets.