Lucene search
K

470 matches found

Packet Storm News
Packet Storm News
added 2026/05/03 12:0 a.m.5 views

Trojan Hippo: Weaponizing Agent Memory for Data Exfiltration

Memory systems enable otherwise-stateless LLM agents to persist user information across sessions, but also introduce a new attack surface. We characterize the Trojan Hippo attack, a class of persistent memory attacks that operates in a more realistic threat model than prior memory poisoning work:...

5.8AI score
Exploits0
Fedora
Fedora
added 2026/04/25 1:53 a.m.7 views

[SECURITY] Fedora 44 Update: dnsdist-2.0.3-1.fc44

dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic...

8.2CVSS5.2AI score0.01028EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/23 12:0 a.m.6 views

A-THENA: Early Intrusion Detection for IoT with Time-Aware Hybrid Encoding and Network-Specific Augmentation

The proliferation of Internet of Things IoT devices has significantly expanded attack surfaces, making IoT ecosystems particularly susceptible to sophisticated cyber threats. To address this challenge, this work introduces A-THENA, a lightweight early intrusion detection system EIDS that...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/17 12:0 a.m.8 views

Privacy-Aware Machine Unlearning with SISA for Reinforcement Learning-Based Ransomware Detection

Ransomware detection systems increasingly rely on behavior-based machine learning to address evolving attack strategies. However, emerging privacy compliance, data governance, and responsible AI deployment demand not only accurate detection but also the ability to efficiently remove the influence...

5.8AI score
Exploits0
Wiz blog
Wiz blog
added 2026/04/16 1:0 p.m.9 views

Securing AI Applications From Inception to Deployment

Extending the Wiz AI APP into the code layer to detect AI-specific risks at inception, validate exploitability at runtime, and orchestrate remediation with agents that understand your codebase...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/14 5:51 a.m.151 views

Exploit for CVE-2026-40175

audit-axios Scan local repos for vulnerable axios versions an...

10CVSS5.9AI score0.01815EPSS
Exploits5
Fedora
Fedora
added 2026/04/10 1:1 a.m.5 views

[SECURITY] Fedora 43 Update: dnsdist-2.0.3-1.fc43

dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic...

8.2CVSS5.9AI score0.01028EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/09 12:0 a.m.4 views

Follow My Eyes: Backdoor Attacks on VLM-Based Scanpath Prediction

Scanpath prediction models forecast the sequence and timing of human fixations during visual search, driving foveated rendering and attention-based interaction in mobile systems where their integrity is a first-class security concern. We present the first study of backdoor attacks against VLM-bas...

5.8AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/08 8:4 a.m.10 views

Security Bulletin: Vulnerability in golang.org/x/crypto bundled with IBM Fusion, IBM Fusion HCI and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI and IBM Fusion Content-Aware Storage include golang.org/x/crypto which could cause early termination of client process. CVE-2025-47913. Vulnerability Details CVEID:CVE-2025-47913 DESCRIPTION: SSH clients receiving SSHAGENTSUCCESS when expecting a typed response...

7.5CVSS5.9AI score0.00591EPSS
Exploits1Affected Software2
Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.5 views

LanG -- a Governance-Aware Agentic AI Platform for Unified Security Operations

Modern Security Operations Centers struggle with alert fatigue, fragmented tooling, and limited cross-source event correlation. Challenges that current Security Information Event Management and Extended Detection and Response systems only partially address through fragmented tools. This paper...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/30 12:0 a.m.3 views

Why Aggregate Accuracy Is Inadequate for Evaluating Fairness in Law Enforcement Facial Recognition Systems

Facial recognition systems are increasingly deployed in law enforcement and security contexts, where algorithmic decisions can carry significant societal consequences. Despite high reported accuracy, growing evidence demonstrates that such systems often exhibit uneven performance across demograph...

5.9AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/03/27 7:53 p.m.7 views

How Microsoft Defender protects high-value assets in real-world attack scenarios

In this article 1. Using asset context to strengthen detection 2. How high-value asset protection works 3. Real-world high-value asset protection scenarios 4. Protecting your HVAs 5. Learn more High-value assets including domain controllers, web servers, and identity infrastructure are frequent...

6.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/27 12:0 a.m.1 views

SPARK: Secure Predictive Autoscaling for Robust Kubernetes

Achieving high availability and robust security in Kubernetes requires more than reactive scaling and standard perimeter firewalls. Traditional autoscalers, such as HPA, often fail to react quickly to traffic spikes and cannot distinguish between legitimate flash crowds and DDoS attacks. We prese...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/26 3:10 p.m.4 views

CVE-2026-32843

Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...

5.1CVSS6AI score0.00454EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/25 1:12 p.m.7 views

Security Bulletin: Vulnerability in AIOHTTP bundled with IBM Fusion Content-Aware Storage.

Summary IBM Fusion Content-Aware Storage includes AIOHTTP which could allow DoS, request smuggling, logging storm attacks. The target service within Content-Aware Storage is vLLM, and this service is accessible only on the private network within kubernetes, and requires this private network acces...

8.7CVSS6.9AI score0.00487EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/03/25 10:26 a.m.16 views

CVE-2026-23304 ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu()

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix NULL pointer deref in ip6rtgetdevrcu l3mdevmasterdevrcu can return NULL when the slave device is being un-slaved from a VRF. All other callers deal with this, but we lost the fallback to loopback in ip6rtpcpualloc -...

0.00123EPSS
Exploits0References8
Wiz blog
Wiz blog
added 2026/03/23 4:46 p.m.28 views

Introducing the Wiz Red Agent- AI-Powered Attacker

Red Agent is an AI-powered, context-aware attacker that uncovers complex exploitable risks across your entire attack surface, continuously and at scale...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/22 12:0 a.m.2 views

DeepXplain: XAI-Guided Autonomous Defense against Multi-Stage APT Campaigns

Advanced Persistent Threats APTs are stealthy, multi-stage attacks that require adaptive and timely defense. While deep reinforcement learning DRL enables autonomous cyber defense, its decisions are often opaque and difficult to trust in operational environments. This paper presents DeepXplain, a...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/21 12:0 a.m.15 views

T-MAP: Red-Teaming LLM Agents with Trajectory-Aware Evolutionary Search

While prior red-teaming efforts have focused on eliciting harmful text outputs from large language models LLMs, such approaches fail to capture agent-specific vulnerabilities that emerge through multi-step tool execution, particularly in rapidly growing ecosystems such as the Model Context Protoc...

6AI score
Exploits0
EUVD
EUVD
added 2026/03/19 3:31 p.m.8 views

EUVD-2026-13113

Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...

5.1CVSS6AI score0.00454EPSS
Exploits0References3
Rows per page
Query Builder