Packet Storm News, added 2025/06/21 12:00 a.m., 3 views

Bridging Unsupervised and Semi-Supervised Anomaly Detection: a Theoretically-Grounded and Practical Framework with Synthetic Anomalies

Anomaly detection (AD) is a critical task across domains such as cybersecurity and healthcare. In the unsupervised setting, an effective and theoretically-grounded principle is to train classifiers to distinguish normal data from synthetic anomalies. We extend this principle to semi-supervised AD,...

AI score: 6.9
Exploits: 0
Packet Storm News, added 2025/06/10 12:00 a.m., 5 views

SoK: Machine Unlearning for Large Language Models

Large language model (LLM) unlearning has become a critical topic in machine learning, aiming to eliminate the influence of specific training data or knowledge without retraining the model from scratch. A variety of techniques have been proposed, including Gradient Ascent, model editing, and...

AI score: 7
Exploits: 0
Packet Storm News, added 2025/06/06 12:00 a.m., 4 views

The Scales of Justitia: a Comprehensive Survey on Safety Evaluation of LLMs

With the rapid advancement of artificial intelligence technology, Large Language Models (LLMs) have demonstrated remarkable potential in the field of Natural Language Processing (NLP), including areas such as content generation, human-computer interaction, machine translation, and code generation,...

AI score: 7.5
Exploits: 0
Packet Storm News, added 2025/06/05 12:00 a.m., 8 views

Sentinel: SOTA Model to Protect against Prompt Injections

Large Language Models (LLMs) are increasingly powerful but remain vulnerable to prompt injection attacks, where malicious inputs cause the model to deviate from its intended instructions. This paper introduces Sentinel, a novel detection model, qualifire/prompt-injection-sentinel, based on the...

AI score: 7.2
Exploits: 0
Packet Storm News, added 2025/06/05 12:00 a.m., 4 views

Comprehensive Vulnerability Analysis Is Necessary for Trustworthy LLM-MAS

This paper argues that a comprehensive vulnerability analysis is essential for building trustworthy Large Language Model-based Multi-Agent Systems (LLM-MAS). These systems, which consist of multiple LLM-powered agents working collaboratively, are increasingly deployed in high-stakes applications bu...

AI score: 7.1
Exploits: 0
Packet Storm News, added 2025/05/29 12:00 a.m., 4 views

SafeCOMM: What about Safety Alignment in Fine-Tuned Telecom Large Language Models?

Fine-tuning large language models (LLMs) for telecom tasks and datasets is a common practice to adapt general-purpose models to the telecom domain. However, little attention has been paid to how this process may compromise model safety. Recent research has shown that even benign fine-tuning can...

AI score: 7.3
Exploits: 0
Packet Storm News, added 2025/05/28 12:00 a.m., 6 views

Jailbreak Distillation: Renewable Safety Benchmarking

Large language models (LLMs) are rapidly deployed in critical applications, raising urgent needs for robust safety benchmarking. We propose Jailbreak Distillation (JBDistill), a novel benchmark construction framework that "distills" jailbreak attacks into high-quality and easily-updatable safety...

AI score: 7.2
Exploits: 0
Packet Storm News, added 2025/05/21 12:00 a.m., 3 views

MAPS: a Multilingual Benchmark for Global Agent Performance and Security

Agentic AI systems, which build on Large Language Models (LLMs) and interact with tools and memory, have rapidly advanced in capability and scope. Yet, since LLMs have been shown to struggle in multilingual settings, typically resulting in lower performance and reduced safety, agentic systems risk...

AI score: 6.9
Exploits: 0
Packet Storm News, added 2025/05/19 12:00 a.m., 3 views

Think Twice Before You Act: Enhancing Agent Behavioral Safety with Thought Correction

LLM-based autonomous agents possess capabilities such as reasoning, tool invocation, and environment interaction, enabling the execution of complex multi-step tasks. The internal reasoning process, i.e., thought, of behavioral trajectory significantly influences tool usage and subsequent actions...

AI score: 7.5
Exploits: 0
Packet Storm News, added 2025/05/17 12:00 a.m., 3 views

TechniqueRAG: Retrieval Augmented Generation for Adversarial Technique Annotation in Cyber Threat Intelligence Text

Accurately identifying adversarial techniques in security texts is critical for effective cyber defense. However, existing methods face a fundamental trade-off: they either rely on generic models with limited domain precision or require resource-intensive pipelines that depend on large labeled...

AI score: 7
Exploits: 0
OpenVAS, added 2025/05/07 12:00 a.m., 3 views

Configure the Banner Path Correctly

The banner path points to a file containing the prompt information displayed on the client before a user logs in over SSH. The content of the file can be configured for the actual service scenario. If the banner path is not set, no information is displayed by default...

AI score: 6.6
Exploits: 0, References: 4
OpenVAS, added 2025/05/07 12:00 a.m., 2 views

Configure TIME_WAIT for TCP

TIME_WAIT indicates how long TCP waits before destroying a connection. If this parameter is set to a large value, a large number of TCP connections remain unclosed, which can enable DoS attacks. You are advised to set this parameter to a value less than or equal to 60...

AI score: 6.9
Exploits: 0, References: 4
OpenVAS, added 2025/05/07 12:00 a.m., 3 views

Ensure That All Groups Exist in /etc/passwd

All user groups in /etc/passwd must exist in the /etc/group file. If the administrator manually modifies the two files, the user groups may be incorrectly set due to human errors. If a user group in /etc/passwd does not exist in /etc/group, risks of user group permission management may occur...

AI score: 6.8
Exploits: 0, References: 4
OpenVAS, added 2025/05/07 12:00 a.m., 5 views

Configure Proper Cryptographic Algorithms for the SSH Service

As cryptographic technologies develop and computing capabilities improve, some cryptographic algorithms are no longer suitable for today...

AI score: 7
Exploits: 0, References: 4
Packet Storm News, added 2025/05/03 12:00 a.m., 4 views

PQS-BFL: a Post-Quantum Secure Blockchain-Based Federated Learning Framework

Federated Learning (FL) enables collaborative model training while preserving data privacy, but its classical cryptographic underpinnings are vulnerable to quantum attacks. This vulnerability is particularly critical in sensitive domains like healthcare. This paper introduces PQS-BFL (Post-Quantum...

AI score: 7.1
Exploits: 0
Packet Storm News, added 2025/05/02 12:00 a.m., 3 views

Good News for Script Kiddies? Evaluating Large Language Models for Automated Exploit Generation

Large Language Models (LLMs) have demonstrated remarkable capabilities in code-related tasks, raising concerns about their potential for automated exploit generation (AEG). This paper presents the first systematic study on LLMs' effectiveness in AEG, evaluating both their cooperativeness and technica...

AI score: 7.2
Exploits: 0
Akamai Blog, added 2025/04/30 10:20 a.m., 5 views

Spin JS/TS Router Showdown: Hono vs Itty vs Manual Routing

A performance comparison of three routing approaches in Spin JS/TS apps — Hono, Itty, and manual routing — with benchmarks and guidance...

AI score: 5.8
Exploits: 0
Packet Storm News, added 2025/04/18 12:00 a.m., 4 views

Towards Stateless Clients in Ethereum: Benchmarking Verkle Trees and Binary Merkle Trees with SNARKs

Ethereum, the leading platform for decentralized applications, faces challenges in maintaining decentralization due to the significant hardware requirements for validators to store Ethereum's entire state. To address this, the concept of stateless clients is under exploration, enabling validators...

AI score: 7
Exploits: 0
Packet Storm News, added 2025/01/28 12:00 a.m., 5 views

Interagency Security Committee Compliance Policy and Compliance Benchmarks, 2024 Edition

The Interagency Security Committee Compliance Policy and Compliance Benchmarks, 2024 Edition outlines the ISC Compliance Policy and updates Compliance Benchmarks in alignment with Executive Order 14111 and the updated Risk Management Process Standard of 2024. These updated compliance benchmarks a...

AI score: 6.9
Exploits: 0
vulnersOsv, added 2024/11/12 7:53 p.m., 7 views

ai.ancf.lmos-router:benchmarks (=0.2.0), ai.ancf.lmos-router:lmos-router-hybrid (=0.2.0) +23175 more potentially affected by CVE-2024-47535 via io.netty:netty-common (>=4.0.0.Alpha1 <=4.1.114.Final)

io.netty:netty-common MAVEN version =4.0.0.Alpha1, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.4.0 - ai.ancf.lmos:lmos-router-hybrid =0.1.0 - ai.ancf.lmos:lmos-router-hybrid-spring-boot-starter =0.1.0 - ai.ancf.lmos:lmos-router-llm =0.1.0 - ai.ancf.lmos:lmos-router-llm-in-spring-cloud-gateway-demo =0.1.0...

CVSS: 5.5, AI score: 6.6, EPSS: 0.00408
Exploits: 1