Rowhammer bit flips in DRAM enable software attackers to fully compromise a great variety of systems. Hardware mitigations can be precise and efficient but suffer from long deployment cycles and very limited or no update capabilities. Consequently, refined attack methods have repeatedly bypassed deployed hardware protections, repeatedly leaving commodity systems vulnerable to Rowhammer attacks.

In this paper, we present Memory Band-Aid, a principled defense-in-depth against Rowhammer. Memory Band-Aid is no replacement for long-term, efficient hardware mitigations but a defense-in-depth that is activated when hardware mitigations are discovered to be insufficient on a specific system generation. For this purpose, Memory Band-Aid introduces per-thread and per-bank rate limits for DRAM accesses in the memory controller, ensuring that the minimum number of row activations for Rowhammer bit flips cannot be reached. We implement a proof-of-concept of Memory Band-Aid on Ubuntu Linux and test it on 3 Intel and 3 AMD systems. In a micro-benchmark to cause DRAM pressure, we observe a slow down up to a factor of 5.2. In a collection of realistic Phoronix macro-benchmarks, we observe a low overhead of 0 % to 9.4 %. Both overheads only apply to untrusted throttled workloads, e.g., sandboxes, for instance in browsers. Especially as Memory Band-Aid can be enabled on demand, we conclude that Memory Band-Aid is an important defense-in-depth that should be deployed in practice as a second defense layer.

Rowhammer is a disturbance error in Dynamic Random-Access Memory (DRAM) that can be deliberately triggered from software by repeatedly reading, i. e., hammering, proximate memory locations in different DRAM rows. While numerous studies evaluated the Rowhammer effect, in particular how it can be triggered and how it can be exploited, most studies only use a small sample size of Dual In-line Memory Modules (DIMMs). Only few studies provided indication for the prevalence of the effect, with clear limitations to specific hardware configurations or FPGA-based experiments with precise control of the DIMM, limiting how far the results can be generalized.

In this paper, we perform the frist large-scale study of the Rowhammer effect involving 1 006 data sets from 822 systems. We measure Rowhammer prevalence in a fully automated crossplatform framework, FLIPKIT, using the available state-of-theart software-based DRAM and Rowhammer tools. Our framework automatically gathers information about the DRAM and uses 5 tools to reverse-engineer the DRAM addressing functions, and based on the reverse-engineered functions uses 7 tools to mount Rowhammer. We distributed the framework online and via USB thumb drives to thousands of participants from December 30, 2024, to June 30, 2025. Overall, we collected 1 006 datasets from systems with various CPUs, DRAM generations, and vendors. Our study reveals that out of 1 006 datasets, 453 (371 of the 822 unique systems) succeeded in the first stage of reverseengineering the DRAM addressing functions, indicating that successfully and reliably recovering DRAM addressing functions remains a significant open problem. In the second stage, 126 (12.5 % of all datasets) exhibited bit flips in our fully automated Rowhammer attacks. Our results show that fully-automated, i. e., weaponizable, Rowhammer attacks work on a lower share of systems than FPGA-based and lab experiments indicated but with 12.5 % enough to be a practical vector for threat actors. Furthermore, our results highlight that the two most pressing research challenges around Rowhammer exploitability are more reliable reverse-engineering addressing functions, as 50 % of datasets without bit flips failed in the DRAM reverse-engineering stage, and reliable Rowhammer attacks across diverse processor microarchitectures1, as only 12.5 % of datasets contained bit flips. Addressing each of these challenges could double the number of systems susceptible to Rowhammer and make Rowhammer a more pressing threat in real-world scenarios. 

Background

Rare diseases affect a small percentage of the population, leading to challenges such as delayed diagnoses and limited treatment options. Mobile health technologies offer solutions to improve patient outcomes, yet their application in rare diseases remains underexplored. The German citizen science project SelEe created a customizable app for the self-management of rare diseases through a co-creation process that involved patients with such conditions.

Methods

The project consisted of three phases. In Phase 1, 9 to 68 patients or relatives of patients participated in workshops to define research topics and app requirements. Phase 2 involved a core research team of nine patients and researchers who iteratively developed the app, released in March 2023. Phase 3 focused on evaluating the app’s usage and usability through an in-app survey conducted from March 2023 to February 2024. We utilized descriptive statistics to evaluate app usage and employed the mHealth App Usability Questionnaire to assess usability.

Results

The SelEe app offers the possibility to create and store data in a personalized health diary. Patients can create their own templates or use templates which were defined by the core research team. Users can record findings (e.g. blood test results) and export data using different graphs and formats. Furthermore, the app supports blind users. The app was downloaded 3040 times and 1456 users registered, with 1967 unique diseases entered. 50.7% of the diseases were rare, 30.5% non-rare, and 18.8% were classified as suspected, undefined, or symptoms. A total of 1223 valid user profiles were analyzed for app usage and demographics. Furthermore, 432 users qualified for the in-app survey by making at least one health diary entry, and 117 participated. The app was rated with an overall usability score of 5.19 out of 7. While the app’s health diary function was frequently used, other functionalities like findings and data export were less utilized. Feedback highlighted the need for improved usability and additional features.

Conclusions

The study highlights active patient engagement in developing a mobile health app for individuals with rare diseases. Although improvements are necessary for broader acceptance, the app is promising for the management of rare diseases.

We introduce WireTrust, a VPN architecture for ARMv8-A devices that leverages ARM TrustZone to mitigate OS-level vulnerabilities. Contrary to commodity VPNs, WireTrust does not rely on the security of the OS, its network stack, or its routing tables to provide a secure VPN full tunnel. WireTrust operates transparently to applications on the device and enforces that all IP traffic is routed exclusively through the VPN tunnel, blocking attempts to bypass it even if the OS has been compromised. WireTrust ensures that packets outside the tunnel are discarded before they reach the OS, significantly reducing the device’s attack surface that is exposed to the public internet. Extending the WireGuard VPN, we implement a proof of concept on real hardware, show that WireTrust's additions to the trusted computing base account for 6.61%, and measure a performance penalty of 2.12% - 5.50% on TCP throughput and 1.40% on latency compared to stock WireGuard.

KI im Marketing, Methoden des maschinellen Lernens, Anwendungsmöglichkeiten von KI im Marketing, insbesondere auch von generativer KI

This paper introduces a novel benchmark dataset designed to evaluate the capabilities of Vision Language Models (VLMs) on tasks that combine visual reasoning with subject-specific background knowledge in the German language. In contrast to widely used English-language benchmarks that often rely on artificially difficult or decontextualized problems, this dataset draws from real middle school curricula across nine domains including mathematics, history, biology, and religion. The benchmark includes over 2,000 open-ended questions grounded in 486 images, ensuring that models must integrate visual interpretation with factual reasoning rather than rely on superficial textual cues. We evaluate thirteen state-of-the-art open-weight VLMs across multiple dimensions, including domain-specific accuracy and performance on adversarial crafted questions. Our findings reveal that even the strongest models achieve less than 45% overall accuracy, with particularly poor performance in music, mathematics, and adversarial settings. Furthermore, the results indicate significant discrepancies between success on popular benchmarks and real-world multimodal understanding. We conclude that middle school-level tasks offer a meaningful and underutilized avenue for stress-testing VLMs, especially in non-English contexts. The dataset and evaluation protocol serve as a rigorous testbed to better understand and improve the visual and linguistic reasoning capabilities of future AI systems.

Wer sich mit medizinrechtlichen Fragestellungen befasst, wird unweigerlich früher oder später auf das umfassende Wirken von Dr. Rudolf Ratzel stoßen. Denn schon zu Zeiten, als es das heute so dynamische Rechtsgebiet „Medizinrecht“ nicht einmal terminologisch gab, war er der Sache nach längst in diesem Bereich anwaltlich sowie als Autor von Fachveröffentlichungen tätig. Die Festschrift versammelt Beiträge in der ganzen Bandbreite des Medizinrechts. Sie zeugt in etwa so von „Medizinrecht von A-Z“ wie Dr. Ratzel und sein berufliches Schaffen selbst. 

Background

Traumatic brain injury (TBI) is one of the most important pediatric conditions worldwide. In Germany, hospitalization rates for mild TBI drastically exceed hospitalization rates from similar healthcare systems.

Methods

The SaVeBRAIN.Kids trial will implement and test a novel care pathway (nCP) for evidence-based standardized risk assessment, structured observation in the emergency department (ED) for several hours, and technology-supported home monitoring with the aim to reduce hospitalizations. This non-inferiority multicenter study will be carried out using a cluster-randomized stepped-wedge design, with all centers starting in the control phase and sequentially transitioning to the intervention. Eligible participants (age ≥ 3 months and < 18 years) must present within 48 h of head injury, have minimal symptoms (Glasgow coma scale ≥ 14), and no risk factors for intracranial complications. The co-primary outcomes are the relative risk of hospitalization and the proportion of unplanned re-visits within 72 h of presentation to the ED for ambulatory cases. Secondary outcomes include clinical safety measures, cost-effectiveness, and process evaluation. Based on power calculations (α = 0.05, power = 0.9), 1390 patients will be recruited over 12 months.

Discussion

 The SaVeBRAIN.Kids trial addresses a relevant healthcare challenge by testing a new approach to pediatric mild TBI management in Germany. It aligns with current evidence while accounting for the country’s specific healthcare context. If successful, the intervention could substantially reduce unnecessary hospitalizations and free inpatient capacities while preserving patient safety.

Trial registration

German Clinical Trials Registry (DRKS00035623). Registered on January 21, 2025.

An innovative training model named Medical Angiography Simulation Phantom for Physician Training (MANTA) has been developed at a university makerspace to enhance the education of future interventional radiologists. This model enables medical trainees to practice minimally invasive procedures for treating vascular occlusions in a realistic environment, without the need to operate directly on patients or animal models.

The phantom is produced using 3D printing technology and standard materials, resulting in a cost-effective solution with material expenses around €250. Its design includes a transparent, flexible vascular system integrated with a controllable pump that simulates human arterial blood pressure and flow rates, providing physiological conditions akin to real-life interventions. This setup allows for the safe rehearsal of catheter handling, guidewire manipulation, and occlusion techniques using coils.

The development of a cost-effective open source approach is intended to facilitate the use of medical technology in emerging or underdeveloped countries. By offering a practical and realistic training tool, the MANTA phantom aims to improve the proficiency of upcoming radiologists, ultimately enhancing patient care during critical vascular interventions.

Antikörper gegen CGRP oder seinen Rezeptor (Eptinezumab, Erenumab, Fremanezumab, Galcanezumab, im Folgenden: „CGRP(R)-Antikörper“) sind moderne, spezifische Migräneprophylaktika, die im GKV-Bereich nur für therapierefraktäre Patienten erstattungsfähig sind. Hier wurde untersucht, welchen Effekt diese Regelung auf die Auswahl der behandelten Patienten hat und wie sich die Neubewertung von Erenumab durch den Gemeinsamen Bundesausschuss ab Oktober 2022 ausgewirkt hat.

Diese Studie untersucht den Einsatz von Virtual Reality (VR) zur Verbesserung von Erste-Hilfe-Kompetenzen. In einem immersiven VR-Training wurden realitätsnahe Notfallszenarien – etwa stark blutende Wunden oder Brandverletzungen – simuliert, um prozedurales Wissen, Selbstwirksamkeit und Transferfähigkeit der Teilnehmenden zu fördern. Die Teilnehmenden durchliefen vor und nach dem VR-Training standardisierte Tests und Fragebögen, um Veränderungen im Wissen, der Selbstwirksamkeit und der Transferfähigkeit systematisch zu erfassen. Die Ergebnisse zeigen signifikante Lernzuwächse in allen Bereichen – insbesondere ein gestärktes Vertrauen in das eigene Handeln sowie eine höhere Sicherheit im Umgang mit nicht direkt trainierten Szenarien. Die hohe Immersion wurde von den Teilnehmenden als realitätsnah empfunden und trug zur emotionalen Aktivierung und nachhaltigen Verankerung des Gelernten bei. Damit liefert die Arbeit einen fundierten empirischen Nachweis, dass VR-gestütztes Training eine effektive und praxisnahe Ergänzung zu klassischen Erste-Hilfe-Kursen darstellt – insbesondere zur Auffrischung und für Zielgruppen mit hohem Trainingsbedarf.