557 matches found

Packet Storm News
Added 2025/11/15, 12:00 a.m. | 12 views

RulePilot: An LLM-Powered Agent for Security Rule Generation

The real-time demand for system security leads to the detection rules becoming an integral part of the intrusion detection life-cycle. Rule-based detection often identifies malicious logs based on the predefined grammar logic, requiring experts with deep domain knowledge for rule generation...

AI score: 6.8 | Exploits: 0

Packet Storm News
Added 2025/11/13, 12:00 a.m. | 4 views

Robustness of LLM-Enabled Vehicle Trajectory Prediction under Data Security Threats

The integration of large language models (LLMs) into automated driving systems has opened new possibilities for reasoning and decision-making by transforming complex driving contexts into language-understandable representations. Recent studies demonstrate that fine-tuned LLMs can accurately predict...

AI score: 6.9 | Exploits: 0

Spring Security Advisories
Added 2025/11/10, 12:00 a.m. | 9 views

LLM Response Evaluation with Spring AI: Building LLM-as-a-Judge Using Recursive Advisors

The challenge of evaluating Large Language Model (LLM) outputs is critical for notoriously non-deterministic AI applications, especially as they move into production. Traditional metrics like ROUGE and BLEU fall short when assessing the nuanced, contextual responses that modern LLMs produce. Human...

AI score: 6.9 | Exploits: 0

Packet Storm News
Added 2025/11/08, 12:00 a.m. | 5 views

RAG-Targeted Adversarial Attack on LLM-Based Threat Detection and Mitigation Framework

The rapid expansion of the Internet of Things (IoT) is reshaping communication and operational practices across industries, but it also broadens the attack surface and increases susceptibility to security breaches. Artificial Intelligence has become a valuable solution in securing IoT networks, wit...

AI score: 7.1 | Exploits: 0

Packet Storm News
Added 2025/11/08, 12:00 a.m. | 7 views

Injecting Falsehoods: Adversarial Man-In-The-Middle Attacks Undermining Factual Recall in LLMs

LLMs are now an integral part of information retrieval. As such, their role as question answering chatbots raises significant concerns due to their shown vulnerability to adversarial man-in-the-middle (MitM) attacks. Here, we propose the first principled attack evaluation on LLM factual memory unde...

AI score: 6.8 | Exploits: 0

Packet Storm News
Added 2025/11/07, 12:00 a.m. | 48 views

When AI Meets the Web: Prompt Injection Risks in Third-Party AI Chatbot Plugins

Prompt injection attacks pose a critical threat to large language models (LLMs), with prior work focusing on cutting-edge LLM applications like personal copilots. In contrast, simpler LLM applications, such as customer service chatbots, are widespread on the web, yet their security posture and...

AI score: 7.5 | Exploits: 0

OSSF Malicious Packages
Added 2025/11/06, 3:58 p.m. | 6 views

Malicious code in wei516-tpa (PyPI)

Source: kam193 (2ee2f69d608c9430677e3723e003b788f464ae688126d65199fc2936f1adfb0e). Package seems to provide an MCP server, but in fact contains attempts to make an LLM agent break safeguards. As the request is about leaves just a flag, it see...

AI score: 6.9 | Exploits: 0 | References: 1

OSV
Added 2025/11/06, 8:46 a.m. | 4 views

MAL-2025-191789 Malicious code in mcp-weather-full (PyPI)

Source: kam193 (c12eff5425b0aa04547b3bbff3444c1d96ca3cf765fdc105d7b7ff9252c9afda). Package seems to provide an MCP server, but in fact contains attempts to make an LLM agent break safeguards. As the request is about leaves just a flag, it see...

AI score: 6.7 | Exploits: 0 | References: 1

Packet Storm News
Added 2025/11/06, 12:00 a.m. | 5 views

From Model to Breach: Towards Actionable LLM-Generated Vulnerabilities Reporting

As the role of Large Language Models (LLM)-based coding assistants in software development becomes more critical, so does the role of the bugs they generate in the overall cybersecurity landscape. While a number of LLM code security benchmarks have been proposed alongside approaches to improve the...

AI score: 7.4 | Exploits: 0

OSSF Malicious Packages
Added 2025/11/05, 9:25 p.m. | 5 views

Malicious code in wayspiritmcp-tpa (PyPI)

Source: kam193 (523cbbda7a0fda2addfcd432b1bfcc1df072ee67a593ffce535b7da7005caae8). Package seems to provide an MCP server, but in fact contains attempts to make an LLM agent break safeguards. As the request is about leaves just a flag, it see...

AI score: 6.9 | Exploits: 0 | References: 1

OSV
Added 2025/11/05, 9:21 p.m. | 4 views

MAL-2025-191924 Malicious code in wayspiritmcp-enconly (PyPI)

Source: kam193 (b075eb7116e55dd48db0e026ce51a42ec4e7e1e100b4b68c8a42d4b35411f749). Package seems to provide an MCP server, but in fact contains attempts to make an LLM agent break safeguards. As the request is about leaves just a flag, it see...

AI score: 6.7 | Exploits: 0 | References: 1

OSSF Malicious Packages
Added 2025/11/05, 9:16 p.m. | 4 views

Malicious code in wayspiritmcp-weather (PyPI)

Source: kam193 (c3dbe830c7b2364daef2e4634c16062b86b0b26b88f95533e9413aa91bc646fd). Package seems to provide an MCP server, but in fact contains attempts to make an LLM agent break safeguards. As the request is about leaves just a flag, it see...

AI score: 6.9 | Exploits: 0 | References: 1

Packet Storm News
Added 2025/11/05, 12:00 a.m. | 4 views

Hybrid Fuzzing with LLM-Guided Input Mutation and Semantic Feedback

Software fuzzing has become a cornerstone in automated vulnerability discovery, yet existing mutation strategies often lack semantic awareness, leading to redundant test cases and slow exploration of deep program states. In this work, I present a hybrid fuzzing framework that integrates static an...

AI score: 7 | Exploits: 0

OSV
Added 2025/11/04, 7:17 p.m. | 4 views

CVE-2025-64318

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoint Code Builder allows Manipulating Writeable Configuration Files. This issue affects Mulesoft Anypoint Code Builder: before 1.12.1...

CVSS: 5.3 | AI score: 5.8 | EPSS: 0.00197
Exploits: 0 | References: 1

OSV
Added 2025/11/04, 7:17 p.m. | 6 views

CVE-2025-64320

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Code Injection. This issue affects Agentforce Vibes Extension: before 3.2.0...

CVSS: 6.5 | AI score: 5.8 | EPSS: 0.00179
Exploits: 0 | References: 1

OSV
Added 2025/11/04, 7:17 p.m. | 5 views

CVE-2025-10875

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoint Code Builder allows Code Injection. This issue affects Mulesoft Anypoint Code Builder: before 1.11.6...

CVSS: 6.5 | AI score: 5.8 | EPSS: 0.00179
Exploits: 0 | References: 1

Cvelist
Added 2025/11/04, 6:27 p.m. | 8 views

CVE-2025-64320

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Code Injection. This issue affects Agentforce Vibes Extension: before 3.2.0...

EPSS: 0.00179
Exploits: 0 | References: 1

Vulnrichment
Added 2025/11/04, 6:19 p.m. | 3 views

CVE-2025-64318

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoint Code Builder allows Manipulating Writeable Configuration Files. This issue affects Mulesoft Anypoint Code Builder: before 1.12.1...

AI score: 6.6 | EPSS: 0.00197
Exploits: 0 | References: 1

Vulnrichment
Added 2025/11/04, 6:14 p.m. | 3 views

CVE-2025-10875

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Mulesoft Anypoint Code Builder allows Code Injection. This issue affects Mulesoft Anypoint Code Builder: before 1.11.6...

AI score: 6.6 | EPSS: 0.00179
Exploits: 0 | References: 1

Packet Storm News
Added 2025/11/04, 12:00 a.m. | 5 views

Jailbreaking in the Haystack

Recent advances in long-context language models (LMs) have enabled million-token inputs, expanding their capabilities across complex tasks like computer-use agents. Yet, the safety implications of these extended contexts remain unclear. To bridge this gap, we introduce NINJA short for...

AI score: 7.3 | Exploits: 0