42 matches found

Packet Storm News
added 2025/06/21 12:0 a.m. · 3 views

Evaluating Large Language Models for Phishing Detection, Self-Consistency, Faithfulness, and Explainability

Phishing attacks remain one of the most prevalent and persistent cybersecurity threats, with attackers continuously evolving and intensifying tactics to evade the general detection system. Despite significant advances in artificial intelligence and machine learning, faithfully reproducing the...

6.9 AI score
Exploits 0
Packet Storm News
added 2025/06/21 12:0 a.m. · 1 views

Enclosing Prototypical Variational Autoencoder for Explainable Out-of-Distribution Detection

Understanding the decision-making and trusting the reliability of Deep Machine Learning Models is crucial for adopting such methods to safety-relevant applications. We extend self-explainable Prototypical Variational models with autoencoder-based out-of-distribution (OOD) detection: A Variational...

6.9 AI score
Exploits 0
NVD
added 2025/06/20 4:15 p.m. · 10 views

CVE-2025-6193

A command injection vulnerability was discovered in the TrustyAI Explainability toolkit. Arbitrary commands placed in certain fields of a LMEValJob custom resource (CR) may be executed in the LMEvalJob pod's terminal. This issue can be exploited via a maliciously crafted LMEvalJob by a user with...

5.9 CVSS · 0.00757 EPSS
Exploits 0 · References 4
OSV
added 2025/06/20 4:15 p.m. · 4 views

CVE-2025-6193

A command injection vulnerability was discovered in the TrustyAI Explainability toolkit. Arbitrary commands placed in certain fields of a LMEValJob custom resource (CR) may be executed in the LMEvalJob pod's terminal. This issue can be exploited via a maliciously crafted LMEvalJob by a user with...

5.9 CVSS · 5.8 AI score · 0.00757 EPSS
Exploits 0 · References 3
Cvelist
added 2025/06/20 3:54 p.m. · 9 views

CVE-2025-6193 Trustyai-explainability: command injection via lmevaljob cr

A command injection vulnerability was discovered in the TrustyAI Explainability toolkit. Arbitrary commands placed in certain fields of a LMEValJob custom resource (CR) may be executed in the LMEvalJob pod's terminal. This issue can be exploited via a maliciously crafted LMEvalJob by a user with...

5.9 CVSS · 0.00757 EPSS
Exploits 0 · References 4
Vulnrichment
added 2025/06/20 3:54 p.m. · 3 views

CVE-2025-6193 Trustyai-explainability: command injection via lmevaljob cr

A command injection vulnerability was discovered in the TrustyAI Explainability toolkit. Arbitrary commands placed in certain fields of a LMEValJob custom resource (CR) may be executed in the LMEvalJob pod's terminal. This issue can be exploited via a maliciously crafted LMEvalJob by a user with...

5.9 CVSS · 6 AI score · 0.00757 EPSS
Exploits 0 · References 4
CVE
added 2025/06/20 3:54 p.m. · 20 views

CVE-2025-6193

TrustyAI Explainability toolkit vulnerability CVE-2025-6193 arises from command injection in LMEvalJob CR handling. An attacker with permissions to deploy a LMEValJob CR can craft fields that escape the constructed lm_eval command, leading to arbitrary commands executed in the LMEvalJob pod termi...

5.9 CVSS · 6.3 AI score · 0.00757 EPSS
Exploits 0 · References 4
ATTACKERKB
added 2025/06/20 3:54 p.m. · 2 views

CVE-2025-6193

A command injection vulnerability was discovered in the TrustyAI Explainability toolkit. Arbitrary commands placed in certain fields of a LMEValJob custom resource (CR) may be executed in the LMEvalJob pod's terminal. This issue can be exploited via a maliciously crafted LMEvalJob by a user with...

5.9 CVSS · 7.2 AI score · 0.00757 EPSS
Exploits 0 · References 5
RedhatCVE
added 2025/06/20 2:16 p.m. · 6 views

CVE-2025-6193

A command injection vulnerability was discovered in the TrustyAI Explainability toolkit. Arbitrary commands placed in certain fields of a LMEValJob custom resource (CR) may be executed in the LMEvalJob pod's terminal. This issue can be exploited via a maliciously crafted LMEvalJob by a user with...

5.9 CVSS · 7.8 AI score · 0.00757 EPSS
Exploits 0 · References 4
Positive Technologies
added 2025/06/20 12:0 a.m. · 5 views

PT-2025-26441 · Unknown · Trustyai Explainability Toolkit

Name of the Vulnerable Software and Affected Versions: TrustyAI Explainability toolkit (affected versions not specified). Description: A command injection issue was discovered in the TrustyAI Explainability toolkit. This issue allows arbitrary commands placed in certain fields of a LMEValJob custom...

5.9 CVSS · 6.9 AI score · 0.00757 EPSS
Exploits 0 · References 5
CNNVD
added 2025/06/20 12:0 a.m. · 3 views

TrustyAI Explainability operating system command injection vulnerability

TrustyAI Explainability is an open source TrustyAI toolkit from TrustyAI. TrustyAI Explainability suffers from an operating system command injection vulnerability that stems from command injection and could result in an authenticated user executing arbitrary commands...

5.9 CVSS · 7.2 AI score · 0.00757 EPSS
Exploits 0 · References 5
Packet Storm News
added 2025/06/10 12:0 a.m. · 3 views

Striking Back at Cobalt: Using Network Traffic Metadata to Detect Cobalt Strike Masquerading Command and Control Channels

Off-the-shelf software for Command and Control is often used by attackers and legitimate pentesters looking for discretion. Among other functionalities, these tools facilitate the customization of their network traffic so it can mimic popular websites, thereby increasing their secrecy. Cobalt...

7 AI score
Exploits 0
Packet Storm News
added 2025/05/30 12:0 a.m. · 3 views

Chances and Challenges of the Model Context Protocol in Digital Forensics and Incident Response

Large language models hold considerable promise for supporting forensic investigations, but their widespread adoption is hindered by a lack of transparency, explainability, and reproducibility. This paper explores how the emerging Model Context Protocol can address these challenges and support th...

6.9 AI score
Exploits 0
Packet Storm News
added 2025/05/24 12:0 a.m. · 14 views

LLM-Driven APT Detection for 6G Wireless Networks: a Systematic Review and Taxonomy

Sixth Generation (6G) wireless networks, which are expected to be deployed in the 2030s, have already created great excitement in academia and the private sector with their extremely high communication speed and low latency rates. However, despite the ultra-low latency, high throughput, and...

6.7 AI score
Exploits 0
Packet Storm News
added 2025/05/22 12:0 a.m. · 5 views

Interpretable Anomaly Detection in Encrypted Traffic Using SHAP with Machine Learning Models

The widespread adoption of encrypted communication protocols such as HTTPS and TLS has enhanced data privacy but also rendered traditional anomaly detection techniques less effective, as they often rely on inspecting unencrypted payloads. This study aims to develop an interpretable machine...

6.8 AI score
Exploits 0
Packet Storm News
added 2025/05/16 12:0 a.m. · 5 views

Unveiling the Black Box: a Multi-Layer Framework for Explaining Reinforcement Learning-Based Cyber Agents

Reinforcement Learning (RL) agents are increasingly used to simulate sophisticated cyberattacks, but their decision-making processes remain opaque, hindering trust, debugging, and defensive preparedness. In high-stakes cybersecurity contexts, explainability is essential for understanding how...

6.9 AI score
Exploits 0
Packet Storm News
added 2025/05/02 12:0 a.m. · 3 views

Explainable Machine Learning for Cyberattack Identification from Traffic Flows

The increasing automation of traffic management systems has made them prime targets for cyberattacks, disrupting urban mobility and public safety. Traditional network-layer defenses are often inaccessible to transportation agencies, necessitating a machine learning-based approach that relies sole...

7.2 AI score
Exploits 0
Packet Storm News
added 2025/04/29 12:0 a.m. · 4 views

GiBy: a Giant-Step Baby-Step Classifier for Anomaly Detection in Industrial Control Systems

The continuous monitoring of the interactions between cyber-physical components of any industrial control system (ICS) is required to secure automation of the system controls, and to guarantee plant processes are fail-safe and remain in an acceptably safe state. Safety is achieved by managing...

6.8 AI score
Exploits 0
Packet Storm News
added 2025/04/25 12:0 a.m. · 3 views

A Gradient-Optimized TSK Fuzzy Framework for Explainable Phishing Detection

Phishing attacks represent an increasingly sophisticated and pervasive threat to individuals and organizations, causing significant financial losses, identity theft, and severe damage to institutional reputations. Existing phishing detection methods often struggle to simultaneously achieve high...

6.9 AI score
Exploits 0
Packet Storm News
added 2025/04/22 12:0 a.m. · 4 views

On the Consistency of GNN Explanations for Malware Detection

Control Flow Graphs (CFGs) are critical for analyzing program execution and characterizing malware behavior. With the growing adoption of Graph Neural Networks (GNNs), CFG-based representations have proven highly effective for malware detection. This study proposes a novel framework that dynamically...

7.1 AI score
Exploits 0