Lucene search
K

971 matches found

Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.13 views

The Role of Domain-Specific Features in Malware Detection: A MacOS Case Study

Despite the growing popularity of macOS among end users and enterprise systems, malware research has primarily focused on Windows and Android operating systems, leaving the problem of macOS malware detection relatively unexplored. Indeed, the specificity of the operating system and the unique...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.9 views

A Hybrid Approach for Malware Classification Using Secondary Features Fusion

The number of malware either variant or novel is rapidly increasing, making malware detection and mitigation a complex problem. One approach to improving malware mitigation is automatic detection and malware family classification. However, traditional malware detection methods cannot classify...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.24 views

Towards Intrusion Detection Systems for RPL-Based IoT Networks Using Foundation Models

AI-based intrusion detection systems IDS have shown promise in detecting attacks on IoT systems. In this work, we explore the use of foundation models to detect and identify attacks, with a specific focus on RPL-based IoT networks. We study multiple attack types, attack variations, and network...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/01 10:3 p.m.14 views

CVE-2026-44285

FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, a Server-Side Request Forgery SSRF vulnerability allows an authenticated attacker to bypass the global isInternalAddress network protection and make arbitrary HTTP GET requests to internal network services. This is achieved by...

7.7CVSS5.9AI score0.00263EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/05/31 12:0 a.m.25 views

ClawHub Security Signals: When VirusTotal, Static Analysis, and SkillSpector Disagree

Agent skills extend AI agents with reusable instructions, tools, scripts, references, and workflows, establishing a security boundary distinct from both model safety and traditional package-malware detection. ClawHub Security Signals is a sanitized dataset of 67,453 latest public OpenClaw skill...

5.8AI score
Exploits0
NVD
NVD
added 2026/05/29 8:16 p.m.26 views

CVE-2026-44285

FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, a Server-Side Request Forgery SSRF vulnerability allows an authenticated attacker to bypass the global isInternalAddress network protection and make arbitrary HTTP GET requests to internal network services. This is achieved by...

7.7CVSS0.00263EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/29 7:32 p.m.10 views

CVE-2026-44285 FastGPT: SSRF Protection Bypass via `externalFile` in Dataset Preview API

FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, a Server-Side Request Forgery SSRF vulnerability allows an authenticated attacker to bypass the global isInternalAddress network protection and make arbitrary HTTP GET requests to internal network services. This is achieved by...

7.7CVSS5.9AI score0.00263EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/29 7:32 p.m.20 views

EUVD-2026-33430

FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, a Server-Side Request Forgery SSRF vulnerability allows an authenticated attacker to bypass the global isInternalAddress network protection and make arbitrary HTTP GET requests to internal network services. This is achieved by...

7.7CVSS5.9AI score0.00263EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/29 7:32 p.m.11 views

CVE-2026-44285

FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, a Server-Side Request Forgery SSRF vulnerability allows an authenticated attacker to bypass the global isInternalAddress network protection and make arbitrary HTTP GET requests to internal network services. This is achieved by...

7.7CVSS5.9AI score0.00263EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/29 7:32 p.m.36 views

CVE-2026-44285 FastGPT: SSRF Protection Bypass via `externalFile` in Dataset Preview API

FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, a Server-Side Request Forgery SSRF vulnerability allows an authenticated attacker to bypass the global isInternalAddress network protection and make arbitrary HTTP GET requests to internal network services. This is achieved by...

7.7CVSS0.00263EPSS
Exploits0References1
CVE
CVE
added 2026/05/29 7:32 p.m.25 views

CVE-2026-44285

FastGPT is affected by an SSRF flaw in the dataset preview API. Before 4.15.0-beta1, an authenticated attacker could bypass isInternalAddress protection and reach internal services by abusing /api/core/dataset/file/getPreviewChunks with the externalFile data import type. The issue is resolved in ...

7.7CVSS5.9AI score0.00263EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

FastGPT 代码问题漏洞

FastGPT is an open-source knowledge base question-answering system based on large language models developed by Labring. Versions of FastGPT prior to 4.15.0-beta1 contained code vulnerabilities. These vulnerabilities were caused by server-side request forgery, allowing authenticated attackers to...

7.7CVSS6AI score0.00263EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/05/29 12:0 a.m.38 views

Improving IoT Intrusion Detection through SMOTE-Based Oversampling and Extended Multi-Model Evaluation on Side-Channel Power Data

The detection of intrusions in IoT-based networks poses challenges that cannot be overcome using traditional machine learning methods. Perhaps the biggest of them is related to the presence of a class imbalance in the side-channel dataset, where the number of samples in the normal class compared ...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.15 views

PT-2026-44979

Name of the Vulnerable Software and Affected Versions FastGPT versions prior to 4.15.0-beta1 Description An authenticated attacker can bypass the global isInternalAddress network protection to make arbitrary HTTP GET requests to internal network services. This occurs due to an incomplete fix in t...

7.7CVSS5.9AI score0.00263EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/05/29 12:0 a.m.11 views

Separating Secrets from Placeholders: A Hybrid CNN-CodeBERT Framework for Three-Class Credential Leakage Detection

Credential leakage in public source code repositories poses a critical security threat, with over 23.8 million secrets exposed in 2024 alone. Existing detection tools suffer from high false-positive rates because rigid pattern matching and binary classification schemes fail to distinguish genuine...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/27 12:0 a.m.11 views

Towards Demystifying and Repairing LLM-In-The-Loop Vulnerabilities

Large Language ModelsLLMs have been actively integrated into modern software systems as critical components. LLM-in-the-loop vulnerabilities, where vulnerabilities are introduced by LLMs and their dependent downstream components, such as frameworks, introduce new risks. Although some benchmark...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/25 12:0 a.m.14 views

Building an Adversarial Malware Dataset by Family and Type: Generation, Evasion, and Poisoning Evaluation

We present a dataset of adversarial malware samples derived from the public RawMal-TF collection of real-world malware binaries. Using a suite of adversarial malware generators, we construct two sets of adversarial PE files: 44,347 family-labelled samples and 33,596 type-labelled samples, achievi...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/22 12:0 a.m.32 views

FALCON-C: Flow-Based Analysis and Labeling for Connected Vehicular Network Cybersecurity

Along with the recent rise in popularity of Electric Vehicles EVs, Electric Vehicle Supply Equipment EVSE has emerged as a new target for cyber attacks. Therefore, ensuring the security and integrity of network communication between EVSE components and vehicular clients is a significant challenge...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/21 12:0 a.m.10 views

Botnet Detection on CTU-13 Using Lightweight Machine Learning Models

Botnets are among the most persistent cyber threats, enabling large-scale attacks such as spam, credential theft, and distributed denial-of-service DDoS. While deep learning approaches have recently been applied to botnet detection, they are computationally intensive and often lack...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/18 12:0 a.m.11 views

Explainable Machine Learning for Phishing Detection on Heterogeneous Datasets with MCP-Enabled Deployment

With the growth in digital transformation and Internet usage, the Social Engineering techniques such as Phishing have become a major concern for the users and the organizations. Phishing attacks involve deceptive techniques to trick users into revealing confidential information that causes...

5.8AI score
Exploits0
Rows per page
Query Builder