Lucene search
K

32 matches found

HackRead
HackRead
added 2026/05/14 12:37 a.m.13 views

TeamPCP Claims Sale of Mistral AI Repositories Amid Mini Shai-Hulud Attack (Updated)

TeamPCP claims to be selling alleged Mistral AI repositories on a hacker forum after the Mini Shai-Hulud attack targeted npm and PyPI ecosystems...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/05/12 2:47 p.m.9 views

RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded

RubyGems , the standard package manager for the Ruby programming language, has temporarily paused account sign ups following what has been described as a "major malicious attack." "We're dealing with a major malicious attack on RubyGems right now," Maciej Mensfeld, senior product manager for...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/22 12:0 a.m.18 views

A Ground-Truth-Based Evaluation of Vulnerability Detection across Multiple Ecosystems

Automated vulnerability detection tools are widely used to identify security vulnerabilities in software dependencies. However, the evaluation of such tools remains challenging due to the heterogeneous structure of vulnerability data sources, inconsistent identifier schemes, and ambiguities in...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/17 12:0 a.m.2 views

A Longitudinal Study of Usability in Identity-Based Software Signing

Identity-based software signing tools aim to make software artifact provenance verifiable while reducing the operational burden of long-lived key management. However, there is limited cross-tool longitudinal evidence about which usability problems arise in practice and how those problems evolve a...

5.7AI score
Exploits0
The Hacker News
The Hacker News
added 2026/02/18 11:58 a.m.12 views

Cybersecurity Tech Predictions for 2026: Operating in a World of Permanent Instability

In 2025, navigating the digital seas still felt like a matter of direction. Organizations charted routes, watched the horizon, and adjusted course to reach safe harbors of resilience, trust, and compliance. In 2026, the seas are no longer calm between storms. Cybersecurity now unfolds in a state ...

6.2AI score
Exploits0
Wallarm Lab
Wallarm Lab
added 2026/02/09 1:0 p.m.7 views

The Myth of “Known APIs”: Why Inventory-First Security Models Are Already Obsolete

You probably think the security mantra “you can’t protect what you don’t know about” is an inarguable truth. But you would be wrong. It doesn’t hold water in today’s threat landscape. Of course, it sounds reasonable. Before you secure APIs, you must first discover, inventory, and document them...

5.7AI score
Exploits0
The Hacker News
The Hacker News
added 2026/02/09 12:59 p.m.16 views

⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More

Cyber threats are no longer coming from just malware or exploits. They’re showing up inside the tools, platforms, and ecosystems organizations use every day. As companies connect AI, cloud apps, developer tools, and communication systems, attackers are following those same paths. A clear pattern...

9.9CVSS6.5AI score0.11737EPSS
Exploits7
HackRead
HackRead
added 2025/11/10 4:11 p.m.4 views

Why Organizations Can’t Ignore Vendor Risk Assessment in Today’s Cyber-Threat Landscape

In an era where digital ecosystems extend far beyond a company’s internal network, enterprise cybersecurity is no longer…...

7AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2025/10/23 4:0 p.m.6 views

Harden your identity defense with improved protection, deeper correlation, and richer context

In today’s digital-first enterprise, identities have become the new corporate security perimeter. Hybrid work and cloud-first strategies have dissolved traditional network boundaries and dramatically increased the complexity of identity fabrics. Security teams are left managing a constellation of...

6.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/18 12:0 a.m.2 views

The CryptoNeo Threat Modelling Framework (CNTMF): Securing Neobanks and Fintech in Integrated Blockchain Ecosystems

The rapid integration of blockchain, cryptocurrency, and Web3 technologies into digital banks and fintech operations has created an integrated environment blending traditional financial systems with decentralised elements. This paper introduces the CryptoNeo Threat Modelling Framework CNTMF, a...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/02 12:0 a.m.4 views

Are Crypto Ecosystems (De)Centralizing? A Framework for Longitudinal Analysis

Blockchain technology relies on decentralization to resist faults and attacks while operating without trusted intermediaries. Although industry experts have touted decentralization as central to their promise and disruptive potential, it is still unclear whether the crypto ecosystems built around...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/16 12:0 a.m.5 views

MPMA: Preference Manipulation Attack against Model Context Protocol

Model Context Protocol MCP standardizes interface mapping for large language models LLMs to access external data and tools, which revolutionizes the paradigm of tool selection and facilitates the rapid expansion of the LLM agent tool ecosystem. However, as the MCP is increasingly adopted,...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/15 12:0 a.m.4 views

Agent Name Service (ANS): a Universal Directory for Secure AI Agent Discovery and Interoperability

The proliferation of AI agents requires robust mechanisms for secure discovery. This paper introduces the Agent Name Service ANS, a novel architecture based on DNS addressing the lack of a public agent discovery framework. ANS provides a protocol-agnostic registry infrastructure that leverages...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/12 12:0 a.m.19 views

LLM-Based Threat Detection and Prevention Framework for IoT Ecosystems

The increasing complexity and scale of the Internet of Things IoT have made security a critical concern. This paper presents a novel Large Language Model LLM-based framework for comprehensive threat detection and prevention in IoT environments. The system integrates lightweight LLMs fine-tuned on...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/28 12:0 a.m.11 views

SoK: a Survey of Mixing Techniques and Mixers for Cryptocurrencies

Blockchain technologies have overturned the digital finance industry by introducing a decentralized pseudonymous means of monetary transfer. The pseudonymous nature introduced privacy concerns, enabling various deanonymization techniques, which in turn spurred development of stronger...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/23 12:0 a.m.6 views

Automatically Generating Rules of Malicious Software Packages Via Large Language Model

Today's security tools predominantly rely on predefined rules crafted by experts, making them poorly adapted to the emergence of software supply chain attacks. To tackle this limitation, we propose a novel tool, RuleLLM, which leverages large language models LLMs to automate rule generation for O...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/22 12:0 a.m.4 views

A Time Series Analysis of Malware Uploads to Programming Language Ecosystems

Software ecosystems built around programming languages have greatly facilitated software development. At the same time, their security has increasingly been acknowledged as a problem. To this end, the paper examines the previously overlooked longitudinal aspects of software ecosystem security,...

7.1AI score
Exploits0
Citrix
Citrix
added 2024/07/14 12:0 a.m.6 views

Citrix Endpoint Management: Policies Guide

Introduction Citrix XenMobile policies play a pivotal role in shaping how organizations interact with and manage their device ecosystems. By creating and enforcing specific policies, administrators can tailor the behaviour of devices to meet the unique needs of their business environments. Overvi...

6.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/02/28 12:0 a.m.6 views

PT-2024-40088 · Cometbft · Cometbft

Name of the Vulnerable Software and Affected Versions: CometBFT versions All Description: A default configuration in CometBFT has been found to be insufficient for common use cases, potentially preventing the slashing mechanism from working in specific cases. The default values for...

7.1AI score
Exploits0References3
Kitploit
Kitploit
added 2023/12/11 11:30 a.m.44 views

Douglas-042 - Powershell Script To Help Speed ​​Up Threat Hunting Incident Response Processes

DOUGLAS-042 stands as an ingenious embodiment of a PowerShell script meticulously designed to expedite the triage process and facilitate the meticulous collection of crucial evidence derived from both forensic artifacts and the ephemeral landscape of volatile data. Its fundamental mission revolve...

7.1AI score
Exploits0References2
Rows per page
Query Builder