Lucene search
K

685 matches found

Packet Storm News
Packet Storm News
added 2026/01/08 12:0 a.m.7 views

Memory Poisoning Attack and Defense on Memory Based LLM-Agents

Large language model agents equipped with persistent memory are vulnerable to memory poisoning attacks, where adversaries inject malicious instructions through query only interactions that corrupt the agents long term memory and influence future responses. Recent work demonstrated that the MINJA...

7.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/08 12:0 a.m.3 views

Multi-Turn Jailbreaking Attack in Multi-Modal Large Language Models

In recent years, the security vulnerabilities of Multi-modal Large Language Models MLLMs have become a serious concern in the Generative Artificial Intelligence GenAI research. These highly intelligent models, capable of performing multi-modal tasks with high accuracy, are also severely susceptib...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/07 12:0 a.m.7 views

Jailbreaking LLMs and VLMs: Mechanisms, Evaluation, and Unified Defense

This paper provides a systematic survey of jailbreak attacks and defenses on Large Language Models LLMs and Vision-Language Models VLMs, emphasizing that jailbreak vulnerabilities stem from structural factors such as incomplete training data, linguistic ambiguity, and generative uncertainty. It...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/07 12:0 a.m.7 views

RedBench: A Universal Dataset for Comprehensive Red Teaming of Large Language Models

As large language models LLMs become integral to safety-critical applications, ensuring their robustness against adversarial prompts is paramount. However, existing red teaming datasets suffer from inconsistent risk categorizations, limited domain coverage, and outdated evaluations, hindering...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/07 12:0 a.m.9 views

HoneyTrap: Deceiving Large Language Model Attackers to Honeypot Traps with Resilient Multi-Agent Defense

Jailbreak attacks pose significant threats to large language models LLMs, enabling attackers to bypass safeguards. However, existing reactive defense approaches struggle to keep up with the rapidly evolving multi-turn jailbreaks, where attackers continuously deepen their attacks to exploit...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/01 12:0 a.m.7 views

Cracking IoT Security: Can LLMs Outsmart Static Analysis Tools?

Smart home IoT platforms such as openHAB rely on Trigger Action Condition TAC rules to automate device behavior, but the interplay among these rules can give rise to interaction threats, unintended or unsafe behaviors emerging from implicit dependencies, conflicting triggers, or overlapping...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/29 12:0 a.m.7 views

Agentic AI for Autonomous Defense in Software Supply Chain Security: Beyond Provenance to Vulnerability Mitigation

The software supply chain attacks are becoming more and more focused on trusted development and delivery procedures, so the conventional post-build integrity mechanisms cannot be used anymore. The available frameworks like SLSA, SBOM and in toto are majorly used to offer provenance and traceabili...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/29 12:0 a.m.3 views

Breaking Audio Large Language Models by Attacking Only the Encoder: A Universal Targeted Latent-Space Audio Attack

Audio-language models combine audio encoders with large language models to enable multimodal reasoning, but they also introduce new security vulnerabilities. We propose a universal targeted latent space attack, an encoder-level adversarial attack that manipulates audio latent representations to...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/28 12:0 a.m.6 views

EquaCode: A Multi-Strategy Jailbreak Approach for Large Language Models Via Equation Solving and Code Completion

Large language models LLMs, such as ChatGPT, have achieved remarkable success across a wide range of fields. However, their trustworthiness remains a significant concern, as they are still susceptible to jailbreak attacks aimed at eliciting inappropriate or harmful responses. However, existing...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/27 12:0 a.m.8 views

From Rookie to Expert: Manipulating LLMs for Automated Vulnerability Exploitation in Enterprise Software

LLMs democratize software engineering by enabling non-programmers to create applications, but this same accessibility fundamentally undermines security assumptions that have guided software engineering for decades. We show in this work how publicly available LLMs can be socially engineered to...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/24 12:0 a.m.3 views

The Imitation Game: Using Large Language Models As Chatbots to Combat Chat-Based Cybercrimes

Chat-based cybercrime has emerged as a pervasive threat, with attackers leveraging real-time messaging platforms to conduct scams that rely on trust-building, deception, and psychological manipulation. Traditional defense mechanisms, which operate on static rules or shallow content filters,...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/24 12:0 a.m.2 views

AutoBaxBuilder: Bootstrapping Code Security Benchmarking

As LLMs see wide adoption in software engineering, the reliable assessment of the correctness and security of LLM-generated code is crucial. Notably, prior work has demonstrated that security is often overlooked, exposing that LLMs are prone to generating code with security vulnerabilities. These...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/24 12:0 a.m.4 views

Assessing the Software Security Comprehension of Large Language Models

Large language models LLMs are increasingly used in software development, but their level of software security expertise remains unclear. This work systematically evaluates the security comprehension of five leading LLMs: GPT-4o-Mini, GPT-5-Mini, Gemini-2.5-Flash, Llama-3.1, and Qwen-2.5, using...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/22 12:0 a.m.4 views

Energy-Efficient Multi-LLM Reasoning for Binary-Free Zero-Day Detection in IoT Firmware

Securing Internet of Things IoT firmware remains difficult due to proprietary binaries, stripped symbols, heterogeneous architectures, and limited access to executable code. Existing analysis methods, such as static analysis, symbolic execution, and fuzzing, depend on binary visibility and...

6.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/12/19 12:0 a.m.6 views

PT-2025-52494

Name of the Vulnerable Software and Affected Versions Dive versions prior to 0.11.1 Description Dive is an open-source MCP Host Desktop Application that integrates with function-calling LLMs. A critical Stored Cross-Site Scripting XSS issue exists in the Mermaid diagram rendering component. The...

9.6CVSS6.4AI score0.00478EPSS
Exploits1References10
Packet Storm News
Packet Storm News
added 2025/12/18 12:0 a.m.4 views

Large Language Models As a (Bad) Security Norm in the Context of Regulation and Compliance

The use of Large Language Models LLM by providers of cybersecurity and digital infrastructures of all kinds is an ongoing development. It is suggested and on an experimental basis used to write the code for the systems, and potentially fed with sensitive data or what would otherwise be considered...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/18 12:0 a.m.6 views

Jailbreak-Zero: A Path to Pareto Optimal Red Teaming for Large Language Models

This paper introduces Jailbreak-Zero, a novel red teaming methodology that shifts the paradigm of Large Language Model LLM safety evaluation from a constrained example-based approach to a more expansive and effective policy-based framework. By leveraging an attack LLM to generate a high volume of...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/18 12:0 a.m.21 views

A Systematic Study of Code Obfuscation against LLM-Based Vulnerability Detection

As large language models LLMs are increasingly adopted for code vulnerability detection, their reliability and robustness across diverse vulnerability types have become a pressing concern. In traditional adversarial settings, code obfuscation has long been used as a general strategy to bypass...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/16 12:0 a.m.6 views

UIXPOSE: Mobile Malware Detection Via Intention-Behaviour Discrepancy Analysis

We introduce UIXPOSE, a source-code-agnostic framework that operates on both compiled and open-source apps. This framework applies Intention Behaviour Alignment IBA to mobile malware analysis, aligning UI-inferred intent with runtime semantics. Previous work either infers intent statically, e.g.,...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/16 12:0 a.m.4 views

Trust in LLM-Controlled Robotics: A Survey of Security Threats, Defenses and Challenges

The integration of Large Language Models LLMs into robotics has revolutionized their ability to interpret complex human commands and execute sophisticated tasks. However, such paradigm shift introduces critical security vulnerabilities stemming from the ''embodiment gap'', a discord between the...

7.4AI score
Exploits0
Rows per page
Query Builder