Lucene search
K

115 matches found

Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.6 views

Don't Trust Us: A Privacy-By-Design Android Malware Detection Pipeline

Android malware detection increasingly relies on collecting and processing sensitive user data, including device identifiers, network artifacts, and runtime traces, while privacy is too often treated as a secondary concern. Existing privacy-aware approaches typically enforce privacy after data...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/05/18 10:42 a.m.17 views

Microsoft is changing Edge’s plaintext password behavior

Microsoft said it will change Edge’s password handling as a “defense‑in‑depth” measure. Originally, Edge decrypted the entire saved‑password store on startup and kept all credentials resident in process memory in clear text for the whole browser session, regardless of whether a given credential w...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/05/08 12:48 p.m.16 views

Microsoft says Edge’s plaintext password behavior is “by design”

Some time ago, we discussed whether you should allow your browser to remember your passwords. In that article we mentioned the importance of encryption. “ With a browser password manager, someone with access to your browser could see your passwords in clear text, although Windows can be set to as...

6.1AI score
Exploits0
Opera Security Advisories
Opera Security Advisories
added 2026/05/08 12:0 a.m.16 views

How we keep Opera users and products safe: Inside the role of Head of Security

Security How we keep Opera users and products safe: Inside the role of Head of Security Share May 8th, 2026 We usually think of security only when something goes wrong – whether it’s a suspicious login we noticed, a strange pop-up we got while browsing, or a headline we read about a data breach...

8.8CVSS6.9AI score0.05036EPSS
Exploits4References1
Packet Storm News
Packet Storm News
added 2026/04/25 12:0 a.m.14 views

UNSEEN: A Cross-Stack LLM Unlearning Defense against AR-LLM Social Engineering Attacks

Emerging AR-LLM-based Social Engineering attack e.g., SEAR is at the edge of posing great threats to real-world social life. In such AR-LLM-SE attack, the attacker can leverage AR Augmented Reality glass to capture the image and vocal information of the target, using the LLM to identify the targe...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/04 12:0 a.m.1 views

Automating Cloud Security and Forensics through a Secure-By-Design Generative AI Framework

As cloud environments become increasingly complex, cybersecurity and forensic investigations must evolve to meet emerging threats. Large Language Models LLMs have shown promise in automating log analysis and reasoning tasks, yet they remain vulnerable to prompt injection attacks and lack forensic...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/11 12:0 a.m.1 views

Security-By-Design for LLM-Based Code Generation: Leveraging Internal Representations for Concept-Driven Steering Mechanisms

Large Language Models LLMs show remarkable capabilities in understanding natural language and generating complex code. However, as practitioners adopt CodeLLMs for increasingly critical development tasks, research reveals that these models frequently generate functionally correct yet insecure cod...

5.9AI score
Exploits0
Wiz blog
Wiz blog
added 2026/02/27 3:33 p.m.3 views

The Agile FedRAMP Playbook, Part 3: Preventative Risk Management by building Secure by Design

In the third part of our series, we explore Preventative Risk Management. We discuss how shifting security into the development lifecycle helps organizations meet FedRAMP requirements...

5.9AI score
Exploits0
GithubExploit
GithubExploit
added 2026/02/01 2:36 a.m.173 views

Toxic_Flow_Analysis_Framework_For_Agentic_AI

Toxic Flow Analysis TFA Framework A Secure-by-Design framew...

6AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/01/13 5:0 p.m.5 views

How Microsoft builds privacy and security to work hand-in-hand

The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...

6.5AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/01/13 5:0 p.m.4 views

How Microsoft builds privacy and security to work hand-in-hand

The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/10 12:0 a.m.11 views

ALFA: A Safe-By-Design Approach to Mitigate Quishing Attacks Launched Via Fancy QR Codes

Phishing with Quick Response QR codes is termed as Quishing. The attackers exploit this method to manipulate individuals into revealing their confidential data. Recently, we see the colorful and fancy representations of QR codes, the 2D matrix of QR codes which does not reflect a typical mixture ...

6.9AI score
Exploits0
Imperva Blog
Imperva Blog
added 2025/12/17 10:30 a.m.7 views

Security by Design: Why Multi-Factor Authentication Matters More Than Ever

In an era marked by escalating cyber threats and evolving risk landscapes, organisations face mounting pressure to strengthen their security posture whilst maintaining seamless user experiences. At Thales, we recognise that robust security must be foundational - embedded into products and service...

7.6AI score
Exploits0
CISA
CISA
added 2025/12/11 12:0 p.m.27 views

2025 CWE Top 25 Most Dangerous Software Weaknesses

The Cybersecurity and Infrastructure Security Agency CISA, in collaboration with the Homeland Security Systems Engineering and Development Institute HSSEDI, operated by the MITRE Corporation, has released the 2025 Common Weakness Enumeration CWE Top 25 Most Dangerous Software Weaknesseslink is...

7.2AI score
Exploits0References4
Packet Storm News
Packet Storm News
added 2025/10/27 12:0 a.m.7 views

Agentic AI Security: Threats, Defenses, Evaluation, and Open Challenges

Agentic AI systems powered by large language models LLMs and endowed with planning, tool use, memory, and autonomy, are emerging as powerful, flexible platforms for automation. Their ability to autonomously execute tasks across web, software, and physical environments creates new and amplified...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/10/23 11:55 a.m.6 views

Secure AI at Scale and Speed — Learn the Framework in this Free Webinar

AI is everywhere—and your company wants in. Faster products, smarter systems, fewer bottlenecks. But if you're in security, that excitement often comes with a sinking feeling. Because while everyone else is racing ahead, you're left trying to manage a growing web of AI agents you didn't create,...

6.9AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2025/10/20 4:0 p.m.5 views

Inside the attack chain: Threat activity targeting Azure Blob Storage

Azure Blob Storage, like any object data service, is a high-value target for threat actors due to its critical role in storing and managing massive amounts of unstructured data at scale across diverse workloads. Organizations of all sizes use Blob Storage to support key workloads—such as AI, high...

8.5AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-6576

Malware in sbrugna...

7.5CVSS6.4AI score0.01416EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2007-4584

Malware in sbrugna...

6.8CVSS6.4AI score0.0095EPSS
Exploits0References5
Packet Storm News
Packet Storm News
added 2025/10/07 12:0 a.m.6 views

"Your Doctor Is Spying on You": An Analysis of Data Practices in Mobile Healthcare Applications

Mobile healthcare mHealth applications promise convenient, continuous patient-provider interaction but also introduce severe and often underexamined security and privacy risks. We present an end-to-end audit of 272 Android mHealth apps from Google Play, combining permission forensics, static...

6.8AI score
Exploits0
Rows per page
Query Builder