Lucene search
K

64 matches found

Packet Storm News
Packet Storm News
added 2025/10/26 12:0 a.m.7 views

Advancing Honeywords for Real-World Authentication Security

Introduced by Juels and Rivest in 2013, Honeywords, which are decoy passwords stored alongside a real password, appear to be a proactive method to help detect password credentials misuse. However, despite over a decade of research, this technique has not been adopted by major authentication...

7.2AI score
Exploits0
SUSE CVE
SUSE CVE
added 2025/10/24 11:23 p.m.5 views

SUSE CVE-2025-59941

go-f3 is a Golang implementation of Fast Finality for Filecoin F3. In versions 0.8.8 and below, go-f3's justification verification caching mechanism has a vulnerability where verification results are cached without properly considering the context of the message. An attacker can bypass...

6.5CVSS6.8AI score0.00223EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-10037

Malware in sbrugna...

8.6CVSS8.8AI score0.02662EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-0141

Malicious code in bioql PyPI...

4.3CVSS6.8AI score0.00282EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-1604

Malicious code in bioql PyPI...

10CVSS9AI score0.00921EPSS
Exploits0References10
GithubExploit
GithubExploit
added 2025/09/11 11:9 a.m.138 views

vxscan

VXScan+ VXScan+ is an advanced Python-based web vulnerabili...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/04 12:0 a.m.7 views

Between a Rock and a Hard Place: Exploiting Ethical Reasoning to Jailbreak LLMs

Large language models LLMs have undergone safety alignment efforts to mitigate harmful outputs. However, as LLMs become more sophisticated in reasoning, their intelligence may introduce new security risks. While traditional jailbreak attacks relied on singlestep attacks, multi-turn jailbreak...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/22 12:0 a.m.3 views

LLM-GUARD: Large Language Model-Based Detection and Repair of Bugs and Security Vulnerabilities in C++ and Python

Large Language Models LLMs such as ChatGPT-4, Claude 3, and LLaMA 4 are increasingly embedded in software/application development, supporting tasks from code generation to debugging. Yet, their real-world effectiveness in detecting diverse software bugs, particularly complex, security-relevant...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/08/13 11:25 a.m.5 views

AI SOC 101: Key Capabilities Security Leaders Need to Know

Security operations have never been a 9-to-5 job. For SOC analysts, the day often starts and ends deep in a queue of alerts, chasing down what turns out to be false positives, or switching between half a dozen tools to piece together context. The work is repetitive, time-consuming, and high-stake...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/05 12:0 a.m.15 views

MalFlows: Context-Aware Fusion of Heterogeneous Flow Semantics for Android Malware Detection

Static analysis, a fundamental technique in Android app examination, enables the extraction of control flows, data flows, and inter-component communications ICCs, all of which are essential for malware detection. However, existing methods struggle to leverage the semantic complementarity across...

6.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 11:59 a.m.11 views

CVE-2025-24784

kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature, added to by the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluster resources. Hence, it’s considere...

4.3CVSS6.3AI score0.00282EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/05/19 12:0 a.m.7 views

VulCPE: Context-Aware Cybersecurity Vulnerability Retrieval and Management

The dynamic landscape of cybersecurity demands precise and scalable solutions for vulnerability management in heterogeneous systems, where configuration-specific vulnerabilities are often misidentified due to inconsistent data in databases like the National Vulnerability Database NVD. Inaccurate...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/15 12:0 a.m.6 views

Cape: Context-Aware Prompt Perturbation Mechanism with Differential Privacy

Large Language Models LLMs have gained significant popularity due to their remarkable capabilities in text understanding and generation. However, despite their widespread deployment in inference services such as ChatGPT, concerns about the potential leakage of sensitive user data have arisen...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/12 12:0 a.m.22 views

LLM-Based Threat Detection and Prevention Framework for IoT Ecosystems

The increasing complexity and scale of the Internet of Things IoT have made security a critical concern. This paper presents a novel Large Language Model LLM-based framework for comprehensive threat detection and prevention in IoT environments. The system integrates lightweight LLMs fine-tuned on...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/17 12:0 a.m.62 views

GraphQLer: Enhancing GraphQL Security with Context-Aware API Testing

GraphQL is an open-source data query and manipulation language for web applications, offering a flexible alternative to RESTful APIs. However, its dynamic execution model and lack of built-in security mechanisms expose it to vulnerabilities such as unauthorized data access, denial-of-service DoS...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/14 12:0 a.m.5 views

Can LLMs Handle WebShell Detection? Overcoming Detection Challenges with Behavioral Function-Aware Framework

WebShell attacks, in which malicious scripts are injected into web servers, are a major cybersecurity threat. Traditional machine learning and deep learning methods are hampered by issues such as the need for extensive training data, catastrophic forgetting, and poor generalization. Recently, Lar...

7.3AI score
Exploits0
OSV
OSV
added 2025/01/30 5:52 p.m.10 views

GHSA-756X-M4MJ-Q96C Kubewarden-Controller information leak via AdmissionPolicyGroup Resource

Impact The policy group feature, added to by the 1.17.0 release, introduced two new types of CRD: ClusterAdmissionPolicyGroup and AdmissionPolicyGroup. The former is cluster wide, while the latter is namespaced. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluste...

4.3CVSS4.7AI score0.00282EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/01/30 5:52 p.m.33 views

Kubewarden-Controller information leak via AdmissionPolicyGroup Resource

Impact The policy group feature, added to by the 1.17.0 release, introduced two new types of CRD: ClusterAdmissionPolicyGroup and AdmissionPolicyGroup. The former is cluster wide, while the latter is namespaced. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluste...

4.3CVSS4.5AI score0.00282EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2025/01/30 4:15 p.m.19 views

CVE-2025-24784

kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature, added to by the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluster resources. Hence, it’s considere...

4.3CVSS0.00282EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/30 3:39 p.m.9 views

CVE-2025-24784 kubewarden-controller has an Information leak via AdmissionPolicyGroup Resource

kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. The policy group feature, added to by the 1.17.0 release. By being namespaced, the AdmissionPolicyGroup has a well constrained impact on cluster resources. Hence, it’s considere...

4.3CVSS4.4AI score0.00282EPSS
Exploits0References2
Rows per page
Query Builder