Lucene search

685 matches found

Positive Technologies
added 2025/11/04 12:0 a.m. | 6 views

PT-2025-45025

Name of the Vulnerable Software and Affected Versions: Salesforce Mulesoft Anypoint Code Builder versions prior to 1.11.6. Description: An issue exists in Salesforce Mulesoft Anypoint Code Builder related to improper neutralization of input used for LLM prompting, which can lead to code injection. T...

CVSS 6.5 | AI score 7.1 | EPSS 0.00179
Exploits: 0 | References: 4

RedHat Linux
added 2025/11/03 7:34 a.m. | 9 views

Important: Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (NVIDIA)

Red Hat Enterprise Linux AI 1.5 (NVIDIA) is now available. Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications...

CVSS 8.8 | AI score 6.8 | EPSS 0.01479
Exploits: 5 | References: 6

RedHat Linux
added 2025/11/03 7:34 a.m. | 10 views

Important: Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (NVIDIA)

Red Hat Enterprise Linux AI 1.5 (NVIDIA) is now available. Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications...

CVSS 8.8 | AI score 6.8 | EPSS 0.01479
Exploits: 5 | References: 6

RedHat Linux
added 2025/11/03 7:33 a.m. | 6 views

Important: Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (AMD)

Red Hat Enterprise Linux AI 1.5 (AMD) is now available. Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications...

CVSS 8.8 | AI score 6.8 | EPSS 0.01479
Exploits: 5 | References: 6

RedHat Linux
added 2025/11/03 7:30 a.m. | 11 views

Important: Red Hat Security Advisory: Red Hat Enterprise Linux AI 1.5 (Intel Gaudi)

Red Hat Enterprise Linux AI 1.5 (Intel Gaudi) is now available. Red Hat® Enterprise Linux® AI is a foundation model platform to seamlessly develop, test, and run Granite family large language models (LLMs) for enterprise applications...

CVSS 8.8 | AI score 6.8 | EPSS 0.01479
Exploits: 5 | References: 6

Packet Storm News
added 2025/11/03 12:0 a.m. | 4 views

Detecting Vulnerabilities from Issue Reports for Internet-Of-Things

Timely identification of issue reports reflecting software vulnerabilities is crucial, particularly for Internet-of-Things (IoT) where analysis is slower than non-IoT systems. While Machine Learning (ML) and Large Language Models (LLMs) detect vulnerability-indicating issues in non-IoT systems, their I...

AI score 7
Exploits: 0

Packet Storm News
added 2025/11/02 12:0 a.m. | 6 views

AthenaBench: A Dynamic Benchmark for Evaluating LLMs in Cyber Threat Intelligence

Large Language Models (LLMs) have demonstrated strong capabilities in natural language reasoning, yet their application to Cyber Threat Intelligence (CTI) remains limited. CTI analysis involves distilling large volumes of unstructured reports into actionable knowledge, a process where LLMs could...

AI score 6.8
Exploits: 0

Packet Storm News
added 2025/10/31 12:0 a.m. | 4 views

Exploiting Latent Space Discontinuities for Building Universal LLM Jailbreaks and Data Extraction Attacks

The rapid proliferation of Large Language Models (LLMs) has raised significant concerns about their security against adversarial attacks. In this work, we propose a novel approach to crafting universal jailbreaks and data extraction attacks by exploiting latent space discontinuities, an architectur...

AI score 6.8
Exploits: 0

Packet Storm News
added 2025/10/30 12:0 a.m. | 4 views

LLM-Based Multi-Class Attack Analysis and Mitigation Framework in IoT/IIoT Networks

The Internet of Things has expanded rapidly, transforming communication and operations across industries but also increasing the attack surface and security breaches. Artificial Intelligence plays a key role in securing IoT, enabling attack detection, attack behavior analysis, and mitigation...

AI score 6.8
Exploits: 0

Packet Storm News
added 2025/10/30 12:0 a.m. | 32 views

Unvalidated Trust: Cross-Stage Vulnerabilities in Large Language Model Architectures

As Large Language Models (LLMs) are increasingly integrated into automated, multi-stage pipelines, risk patterns that arise from unvalidated trust between processing stages become a practical concern. This paper presents a mechanism-centered taxonomy of 41 recurring risk patterns in commercial LLMs...

AI score 7
Exploits: 0

Packet Storm News
added 2025/10/27 12:0 a.m. | 5 views

Evaluation of Vision-LLMs in Surveillance Video

The widespread use of cameras in our society has created an overwhelming amount of video data, far exceeding the capacity for human monitoring. This presents a critical challenge for public safety and security, as the timely detection of anomalous or criminal events is crucial for effective...

AI score 7.2
Exploits: 0

Packet Storm News
added 2025/10/21 12:0 a.m. | 10 views

HarmNet: A Framework for Adaptive Multi-Turn Jailbreak Attacks on Large Language Models

Large Language Models (LLMs) remain vulnerable to multi-turn jailbreak attacks. We introduce HarmNet, a modular framework comprising ThoughtNet, a hierarchical semantic network; a feedback-driven Simulator for iterative query refinement; and a Network Traverser for real-time adaptive attack...

AI score 7.1
Exploits: 0

Packet Storm News
added 2025/10/21 12:0 a.m. | 3 views

Prompting the Priorities: A First Look at Evaluating LLMs for Vulnerability Triage and Prioritization

Security analysts face increasing pressure to triage large and complex vulnerability backlogs. Large Language Models (LLMs) offer a potential aid by automating parts of the interpretation process. We evaluate four models (ChatGPT, Claude, Gemini, and DeepSeek) across twelve prompting techniques to...

AI score 6.8
Exploits: 0

Packet Storm News
added 2025/10/21 12:0 a.m. | 16 views

CLASP: Cost-Optimized LLM-Based Agentic System for Phishing Detection

Phishing websites remain a significant cybersecurity threat, necessitating accurate and cost-effective detection mechanisms. In this paper, we present CLASP, a novel system that effectively identifies phishing websites by leveraging multiple intelligent agents, built using large language models...

AI score 6.8
Exploits: 0

Packet Storm News
added 2025/10/19 12:0 a.m. | 4 views

Can Transformer Memory Be Corrupted? Investigating Cache-Side Vulnerabilities in Large Language Models

Even when prompts and parameters are secured, transformer language models remain vulnerable because their key-value (KV) cache during inference constitutes an overlooked attack surface. This paper introduces Malicious Token Injection (MTI), a modular framework that systematically perturbs cached key...

AI score 7.3
Exploits: 0

Packet Storm News
added 2025/10/18 12:0 a.m. | 5 views

Structuring Security: A Survey of Cybersecurity Ontologies, Semantic Log Processing, and LLMs Application

This survey investigates how ontologies, semantic log processing, and Large Language Models (LLMs) enhance cybersecurity. Ontologies structure domain knowledge, enabling interoperability, data integration, and advanced threat analysis. Security logs, though critical, are often unstructured and...

AI score 6.8
Exploits: 0

Packet Storm News
added 2025/10/17 12:0 a.m. | 6 views

SoK: Taxonomy and Evaluation of Prompt Security in Large Language Models

Large Language Models (LLMs) have rapidly become integral to real-world applications, powering services across diverse sectors. However, their widespread deployment has exposed critical security risks, particularly through jailbreak prompts that can bypass model alignment and induce harmful outputs...

AI score 7
Exploits: 0

Packet Storm News
added 2025/10/17 12:0 a.m. | 7 views

When Intelligence Fails: An Empirical Study on Why LLMs Struggle with Password Cracking

The remarkable capabilities of Large Language Models (LLMs) in natural language understanding and generation have sparked interest in their potential for cybersecurity applications, including password guessing. In this study, we conduct an empirical investigation into the efficacy of pre-trained LL...

AI score 7.1
Exploits: 0

Packet Storm News
added 2025/10/17 12:0 a.m. | 9 views

MalCVE: Malware Detection and CVE Association Using Large Language Models

Malicious software attacks are having an increasingly significant economic impact. Commercial malware detection software can be costly, and tools that attribute malware to the specific software vulnerabilities it exploits are largely lacking. Understanding the connection between malware and the...

AI score 7.2
Exploits: 0

Qualys Blog
added 2025/10/15 2:15 p.m. | 6 views

Bringing the Power of Agentic AI for Identity Risk, Adaptive Threat Prioritization, and Exposure Exploitability Validation

Qualys Enterprise TruRisk Management (ETM) extends the power of risk operations with agentic AI — Introducing ETM Identity, TruLens for industry-based threat prioritization, and TruConfirm exposure exploitability validation to accelerate your remediation. Every year at our yearly conference, now...

AI score 6.7
Exploits: 0