Lucene search
K

9 matches found

Packet Storm News
Packet Storm News
added 2026/05/29 12:0 a.m.12 views

R+R: Reassessing Java Security API Misuse in Current LLMs: A Replication on JCA and JSSE APIs with External Security Knowledge

The misuse of Java security APIs is a serious security problem in software development. Research in 2024 has shown that this problem is widespread in LLM-generated code. However, it remains unclear whether this phenomenon persists in current models and how external security knowledge affects it...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/22 12:0 a.m.20 views

An Empirical Evaluation of LLM-Generated Code Security across Prompting Methods

The growing use of Large Language Models LLMs for automated code generation has enhanced software development efficiency, but often at the cost of security. Generated code frequently overlooks critical concerns, leaving it vulnerable to issues such as weak encryption and improper input validation...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/07 12:0 a.m.16 views

On Fixing Insecure AI-Generated Code through Model Fine-Tuning and Prompting Strategies

The security of AI-generated code remains a major obstacle to its widespread adoption. Although code generation models achieve strong performance on functional benchmarks, their outputs frequently contain bugs and security weaknesses that undermine their trustworthiness. Prior work has explored a...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/24 12:0 a.m.7 views

Towards Leveraging LLMs to Generate Abstract Penetration Test Cases from Software Architecture

Software architecture models capture early design decisions that strongly influence system quality attributes, including security. However, architecture-level security assessment and feedback are often absent in practice, allowing security weaknesses to propagate into later phases of the software...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/18 12:0 a.m.10 views

Mind the Gap: Evaluating LLMs for High-Level Malicious Package Detection Vs. Fine-Grained Indicator Identification

The prevalence of malicious packages in open-source repositories, such as PyPI, poses a critical threat to the software supply chain. While Large Language Models LLMs have emerged as a promising tool for automated security tasks, their effectiveness in detecting malicious packages and indicators...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/11/11 12:0 a.m.5 views

From LLMs to Agents: A Comparative Evaluation of LLMs and LLM-Based Agents in Security Patch Detection

The widespread adoption of open-source software OSS has accelerated software innovation but also increased security risks due to the rapid propagation of vulnerabilities and silent patch releases. In recent years, large language models LLMs and LLM-based agents have demonstrated remarkable...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/26 12:0 a.m.6 views

Is Your Prompt Poisoning Code? Defect Induction Rates and Security Mitigation Strategies

Large language models LLMs have become indispensable for automated code generation, yet the quality and security of their outputs remain a critical concern. Existing studies predominantly concentrate on adversarial attacks or inherent flaws within the models. However, a more prevalent yet...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/10 12:0 a.m.3 views

Phishing Detection in the Gen-AI Era: Quantized LLMs Vs Classical Models

Phishing attacks are becoming increasingly sophisticated, underscoring the need for detection systems that strike a balance between high accuracy and computational efficiency. This paper presents a comparative evaluation of traditional Machine Learning ML, Deep Learning DL, and quantized...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/19 12:0 a.m.3 views

Security Degradation in Iterative AI Code Generation -- a Systematic Analysis of the Paradox

The rapid adoption of Large Language ModelsLLMs for code generation has transformed software development, yet little attention has been given to how security vulnerabilities evolve through iterative LLM feedback. This paper analyzes security degradation in AI-generated code through a controlled...

7.5AI score
Exploits0
Rows per page
Query Builder