
100 matches found

Packet Storm News
added 2026/06/04 12:0 a.m., 47 views

GenTI: Benchmarking LLMs for Autonomous IDPS Rule Generation for Unseen Attacks

Rule-based Intrusion Detection and Prevention Systems (IDPS) offer precise attack detection as well as mitigation, however their manually crafted, signature-driven rules limit adaptability to emerging and zero-day threats. Additionally, existing public datasets (e.g., CICIDS2017, UNSW-NB15) focus on...

5.5 AI score
Exploits: 0
Packet Storm News
added 2026/05/25 12:0 a.m., 14 views

TTPrint: Evidence-Grounded TTP Extraction Via Diverge-Then-Converge Verification

Extracting MITRE ATT&CK techniques from cyber threat intelligence (CTI) reports is an open-set, multi-label problem requiring both high recall (not missing techniques) and high precision (not hallucinating unsupported ones). Existing methods--rule-based, supervised, and LLM-based--struggle to achieve...

5.8 AI score
Exploits: 0
Packet Storm News
added 2026/05/15 12:0 a.m., 8 views

Context-Aware Entity-Relation Extraction for Threat Intelligence Knowledge Graphs

Cybersecurity Knowledge Graphs (CKGs) unify diverse Cyber Threat Intelligence (CTI) sources into structured, queryable formats, offering scalable solutions for automating proactive and real-time security responses. Their increasing adoption has significantly enhanced the workflow and decision-making...

5.7 AI score
Exploits: 0
Packet Storm News
added 2026/04/13 12:0 a.m., 3 views

Beyond RAG for Cyber Threat Intelligence: A Systematic Evaluation of Graph-Based and Agentic Retrieval

Cyber threat intelligence (CTI) analysts must answer complex questions over large collections of narrative security reports. Retrieval-augmented generation (RAG) systems help language models access external knowledge, but traditional vector retrieval often struggles with queries that require reasonin...

5.8 AI score
Exploits: 0
Packet Storm News
added 2026/03/23 12:0 a.m., 3 views

ProHunter APT Hunting Tool / Paper

Advanced Persistent Threats (APTs) remain difficult to detect due to their stealthy nature and long-term persistence. To tackle this challenge, provenance-based threat hunting has gained traction as a proactive defense mechanism. This technique models audit logs as a whole-system provenance graph a...

5.8 AI score
Exploits: 0
Microsoft Secure
added 2026/03/20 4:19 p.m., 119 views

CTI-REALM: A new benchmark for end-to-end detection rule generation with AI agents

Excerpt: CTI-REALM is Microsoft’s open-source benchmark for evaluating AI agents on real-world detection engineering—turning cyber threat intelligence (CTI) into validated detections. Instead of measuring “CTI trivia,” CTI-REALM tests end-to-end workflows: reading threat reports, exploring telemetr...

5.7 AI score
Exploits: 0
Packet Storm News
added 2026/03/04 12:0 a.m., 2 views

From Threat Intelligence to Firewall Rules: Semantic Relations in Hybrid AI Agent and Expert System Architectures

Web security demands rapid response capabilities to evolving cyber threats. Agentic Artificial Intelligence (AI) promises automation, but the need for trustworthy security responses is of the utmost importance. This work investigates the role of semantic relations in extracting information for...

6 AI score
Exploits: 0
Circl
added 2026/02/04 1:0 p.m., 3 views

CERTFR-2026-CTI-001

creationtimestamp | type | source
---|---|---
2026-02-04 13:00:41+00:00 | seen | https://social.numerique.gouv.fr/users/certfr/statuses/116012485069158031...

5.8 AI score
Exploits: 0, References: 1
Packet Storm News
added 2025/12/27 12:0 a.m., 3 views

SCyTAG: Scalable Cyber-Twin for Threat-Assessment Based on Attack Graphs

Understanding the risks associated with an enterprise environment is the first step toward improving its security. Organizations employ various methods to assess and prioritize the risks identified in cyber threat intelligence (CTI) reports that may be relevant to their operations. Some methodologi...

6.6 AI score
Exploits: 0
Packet Storm News
added 2025/11/30 12:0 a.m., 4 views

Hesperus Is Phosphorus: Mapping Threat Actor Naming Taxonomies at Scale

This paper studies the problem of Threat Actor (TA) naming convention inconsistency across leading Cyber Threat Intelligence (CTI) vendors. The current decentralized and proprietary nomenclature creates confusion and significant obstacles for researchers, including difficulties in integrating and...

6.6 AI score
Exploits: 0
Packet Storm News
added 2025/11/02 12:0 a.m., 6 views

AthenaBench: A Dynamic Benchmark for Evaluating LLMs in Cyber Threat Intelligence

Large Language Models (LLMs) have demonstrated strong capabilities in natural language reasoning, yet their application to Cyber Threat Intelligence (CTI) remains limited. CTI analysis involves distilling large volumes of unstructured reports into actionable knowledge, a process where LLMs could...

6.8 AI score
Exploits: 0
HackRead
added 2025/10/14 2:0 p.m., 4 views

Criminal IP to Showcase ASM and CTI Innovations at GovWare 2025 in Singapore

Torrance, United States, 14th October 2025, CyberNewsWire...

7 AI score
Exploits: 0
Packet Storm News
added 2025/10/13 12:0 a.m., 5 views

CTIArena: Benchmarking LLM Knowledge and Reasoning across Heterogeneous Cyber Threat Intelligence

Cyber threat intelligence (CTI) is central to modern cybersecurity, providing critical insights for detecting and mitigating evolving threats. With the natural language understanding and reasoning capabilities of large language models (LLMs), there is increasing interest in applying them to CTI, whic...

6.9 AI score
Exploits: 0
EUVD
added 2025/10/03 8:7 p.m., 10 views

EUVD-2025-21883

Malicious code in bioql PyPI...

5.4 CVSS, 6.6 AI score, 0.00201 EPSS
Exploits: 0, References: 1
EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2025-13511

Malicious code in bioql PyPI...

9.1 CVSS, 8.7 AI score, 0.00776 EPSS
Exploits: 0, References: 1
EUVD
added 2025/10/03 8:7 p.m., 14 views

EUVD-2024-23427

Malicious code in bioql PyPI...

8.3 CVSS, 8.2 AI score, 0.00398 EPSS
Exploits: 0, References: 1
EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2024-41714

Malicious code in bioql PyPI...

8.1 CVSS, 6.6 AI score, 0.00567 EPSS
Exploits: 0, References: 1
EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2025-15725

Malicious code in bioql PyPI...

7.6 CVSS, 6.5 AI score, 0.00353 EPSS
Exploits: 0, References: 2
EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2024-41271

Malicious code in bioql PyPI...

4.3 CVSS, 6.5 AI score, 0.00347 EPSS
Exploits: 0, References: 1
Packet Storm News
added 2025/10/01 12:0 a.m., 4 views

POLAR: Automating Cyber Threat Prioritization through LLM-Powered Assessment

Large Language Models (LLMs) are intensively used to assist security analysts in counteracting the rapid exploitation of cyber threats, wherein LLMs offer cyber threat intelligence (CTI) to support vulnerability assessment and incident response. While recent work has shown that LLMs can support a wid...

6.9 AI score
Exploits: 0