Lucene search
K

7 matches found

Packet Storm News
Packet Storm News
added 2026/05/29 12:0 a.m.11 views

Separating Secrets from Placeholders: A Hybrid CNN-CodeBERT Framework for Three-Class Credential Leakage Detection

Credential leakage in public source code repositories poses a critical security threat, with over 23.8 million secrets exposed in 2024 alone. Existing detection tools suffer from high false-positive rates because rigid pattern matching and binary classification schemes fail to distinguish genuine...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/26 12:0 a.m.14 views

Anonymous YARA Rules Are Not Anonymous

YARA rules are widely shared across threat intelligence communities to enable collective defence against malware. This practice implicitly assumes that removing metadata e.g., author fields sufficiently protects the identity of contributing organisations. To assess the validity of this assumption...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/03 12:0 a.m.7 views

ContractShield: Bridging Semantic-Structural Gaps Via Hierarchical Cross-Modal Fusion for Multi-Label Vulnerability Detection in Obfuscated Smart Contracts

Smart contracts are increasingly targeted by adversaries employing obfuscation techniques such as bogus code injection and control flow manipulation to evade vulnerability detection. Existing multimodal methods often process semantic, temporal, and structural features in isolation and fuse them...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/20 12:0 a.m.3 views

Detecting PowerShell-Based Fileless Cryptojacking Attacks Using Machine Learning

With the emergence of remote code execution RCE vulnerabilities in ubiquitous libraries and advanced social engineering techniques, threat actors have started conducting widespread fileless cryptojacking attacks. These attacks have become effective with stealthy techniques based on PowerShell-bas...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/17 12:0 a.m.4 views

Many Hands Make Light Work: An LLM-Based Multi-Agent System for Detecting Malicious PyPI Packages

Malicious code in open-source repositories such as PyPI poses a growing threat to software supply chains. Traditional rule-based tools often overlook the semantic patterns in source code that are crucial for identifying adversarial components. Large language models LLMs show promise for software...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/09 12:0 a.m.4 views

LLM-Based Vulnerable Code Augmentation: Generate or Refactor?

Vulnerability code-bases often suffer from severe imbalance, limiting the effectiveness of Deep Learning-based vulnerability classifiers. Data Augmentation could help solve this by mitigating the scarcity of under-represented CWEs. In this context, we investigate LLM-based augmentation for...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/22 12:0 a.m.4 views

Today'S Cat Is Tomorrow'S Dog: Accounting for Time-Based Changes in the Labels of ML Vulnerability Detection Approaches

Vulnerability datasets used for ML testing implicitly contain retrospective information. When tested on the field, one can only use the labels available at the time of training and testing e.g. seen and assumed negatives. As vulnerabilities are discovered across calendar time, labels change and...

7AI score
Exploits0
Rows per page
Query Builder