Lucene search
K

10 matches found

RedHat Linux
RedHat Linux
added 2026/05/26 5:33 a.m.21 views

erb: ERB: Arbitrary code execution via deserialization bypass

A flaw was found in ERB, a templating system for Ruby. An attacker who can trigger deserialization of untrusted data in a Ruby application can bypass existing protections. This vulnerability allows for arbitrary code execution by exploiting specific public methods that evaluate template source...

8.1CVSS6.3AI score0.01131EPSS
Exploits0References5
Packet Storm News
Packet Storm News
added 2026/03/23 12:0 a.m.14 views

AI in Cybersecurity Education -- Scalable Agentic CTF Design Principles and Educational Outcomes

Large language models are rapidly changing how learners acquire and demonstrate cybersecurity skills. However, when human--AI collaboration is allowed, educators still lack validated competition designs and evaluation practices that remain fair and evidence-based. This paper presents a...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/09 12:0 a.m.3 views

A Comparative Study of Recent Advances in Internet of Intrusion Detection Things

The Internet of Things IoT has revolutionized the way devices communicate and interact with each other, but it has also created new challenges in terms of security. In this context, intrusion detection has become a crucial mechanism to ensure the safety of IoT systems. To address this issue, a...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/20 12:0 a.m.3 views

Many Tools, Few Exploitable Vulnerabilities: A Survey of 246 Static Code Analyzers for Security

Static security analysis is a widely used technique for detecting software vulnerabilities across a wide range of weaknesses, application domains, and programming languages. While prior work surveyed static analyzes for specific weaknesses or application domains, no overview of the entire securit...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/05 12:0 a.m.22 views

TeleAI-Safety: A Comprehensive LLM Jailbreaking Benchmark Towards Attacks, Defenses, and Evaluations

While the deployment of large language models LLMs in high-value industries continues to expand, the systematic assessment of their safety against jailbreak and prompt-based attacks remains insufficient. Existing safety evaluation benchmarks and frameworks are often limited by an imbalanced...

7.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/11/17 12:0 a.m.10 views

Beyond Fixed and Dynamic Prompts: Embedded Jailbreak Templates for Advancing LLM Security

As the use of large language models LLMs continues to expand, ensuring their safety and robustness has become a critical challenge. In particular, jailbreak attacks that bypass built-in safety mechanisms are increasingly recognized as a tangible threat across industries, driving the need for...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/27 12:0 a.m.8 views

Agentic AI Security: Threats, Defenses, Evaluation, and Open Challenges

Agentic AI systems powered by large language models LLMs and endowed with planning, tool use, memory, and autonomy, are emerging as powerful, flexible platforms for automation. Their ability to autonomously execute tasks across web, software, and physical environments creates new and amplified...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/30 12:0 a.m.11 views

Red Teaming Program Repair Agents: When Correct Patches Can Hide Vulnerabilities

LLM-based agents are increasingly deployed for software maintenance tasks such as automated program repair APR. APR agents automatically fetch GitHub issues and use backend LLMs to generate patches that fix the reported bugs. However, existing work primarily focuses on the functional correctness ...

7.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2025/05/29 10:4 p.m.11 views

Evaluating the Security Efficacy of Web Application Firewalls (WAFs)

Web Application Firewalls WAFs are now a staple in defending web-facing applications and APIs, acting as specialized filters to block malicious traffic before it ever reaches your systems. But simply deploying a WAF isn’t enough, the real challenge is knowing whether it works when it matters most...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/26 2:51 p.m.62 views

Breaking free from the VirusTotal silo: Lock and Code S02E07

This week on Lock and Code, we speak to Malwarebytes Chief Information Security Officer John Donovan about the flaws in using VirusTotal as the one source of truth when evaluating whether or not a cybersecurity tool actually works. Its a practice that is surprisingly common. Weeks ago, Malwarebyt...

0.2AI score
Exploits0
Rows per page
Query Builder