Lucene search
+L

291 matches found

packetstormnews
packetstormnews
added 2026/04/20 12:0 a.m.8 views

Enhancing Anomaly-Based Intrusion Detection Systems with Process Mining

Anomaly-based Intrusion Detection Systems IDSs ensure protection against malicious attacks on networked systems. While deep learning-based IDSs achieve effective performance, their limited trustworthiness due to black-box architectures remains a critical constraint. Despite existing explainable...

5.7AI score
Exploits0
githubexploit
githubexploit
added 2026/04/18 2:17 p.m.123 views

sqli-research

🔬 sqli-research Time-Based Blind SQL Injection — Riset, Po...

5.9AI score
Exploits0
osv
osv
added 2026/04/14 4:34 p.m.4 views

OPENSUSE-SU-2026:20579-1 Security update for gosec

This update for gosec fixes the following issues: Changes in gosec: - Update to version 2.25.0: choredeps: bump google.golang.org/grpc from 1.75.0 to 1.79.3 1617 fix: allow barry action to access secrets on fork PRs 1616 fix: reduce G117 false positives for custom marshalers and transformed value...

8.7CVSS5.9AI score0.00396EPSS
Exploits0References1
osv
osv
added 2026/04/08 12:15 a.m.3 views

GHSA-W6C6-C85G-MMV6 Cosign's verify-blob-attestation reports false positive when payload parsing fails

Description cosign verify-blob-attestation may erroneously report a "Verified OK" result for attestations with malformed payloads or mismatched predicate types. For old-format bundles and detached signatures, this was due to a logic flaw in the error handling of the predicate type validation. For...

4.3CVSS5.8AI score0.00241EPSS
Exploits0References3
github
github
added 2026/04/08 12:15 a.m.7 views

Cosign's verify-blob-attestation reports false positive when payload parsing fails

Description cosign verify-blob-attestation may erroneously report a "Verified OK" result for attestations with malformed payloads or mismatched predicate types. For old-format bundles and detached signatures, this was due to a logic flaw in the error handling of the predicate type validation. For...

5.3CVSS5.9AI score0.00241EPSS
Exploits0References3Affected Software1
packetstormnews
packetstormnews
added 2026/04/06 12:0 a.m.20 views

Explainable Autonomous Cyber Defense Using Adversarial Multi-Agent Reinforcement Learning

Autonomous agents are increasingly deployed in both offensive and defensive cyber operations, creating high-speed, closed-loop interactions in critical infrastructure environments. Advanced Persistent Threat APT actors exploit "Living off the Land" techniques and targeted telemetry perturbations ...

5.9AI score
Exploits0
packetstormnews
packetstormnews
added 2026/04/02 12:0 a.m.15 views

RuleForge: Automated Generation and Validation for Web Vulnerability Detection at Scale

Security teams face a challenge: the volume of newly disclosed Common Vulnerabilities and Exposures CVEs far exceeds the capacity to manually develop detection mechanisms. In 2025, the National Vulnerability Database published over 48,000 new vulnerabilities, motivating the need for automation. W...

5.9AI score
Exploits0
packetstormnews
packetstormnews
added 2026/03/30 12:0 a.m.6 views

Why Aggregate Accuracy Is Inadequate for Evaluating Fairness in Law Enforcement Facial Recognition Systems

Facial recognition systems are increasingly deployed in law enforcement and security contexts, where algorithmic decisions can carry significant societal consequences. Despite high reported accuracy, growing evidence demonstrates that such systems often exhibit uneven performance across demograph...

5.9AI score
Exploits0
packetstormnews
packetstormnews
added 2026/03/26 12:0 a.m.10 views

The System Prompt Is the Attack Surface: How LLM Agent Configuration Shapes Security and Creates Exploitable Vulnerabilities

System prompt configuration can make the difference between near-total phishing blindness and near-perfect detection in LLM email agents. We present PhishNChips, a study of 11 models under 10 prompt strategies, showing that prompt-model interaction is a first-order security variable: a single...

5.9AI score
Exploits0
packetstormnews
packetstormnews
added 2026/03/19 12:0 a.m.15 views

Cross-Ecosystem Vulnerability Analysis for Python Applications

Python applications depend on native libraries that may be vendored within package distributions or installed on the host system. When vulnerabilities are discovered in these libraries, determining which Python packages are affected requires cross-ecosystem analysis spanning Python dependency...

5.8AI score
Exploits0
packetstormnews
packetstormnews
added 2026/03/14 12:0 a.m.3 views

Mining the YARA Ecosystem: From Ad-Hoc Sharing to Data-Driven Threat Intelligence

YARA has established itself as the de facto standard for "Detection as Code," enabling analysts and DevSecOps practitioners to define signatures for malware identification across the software supply chain. Despite its pervasive use, the open-source YARA ecosystem remains characterized by ad-hoc...

5.8AI score
Exploits0
packetstormnews
packetstormnews
added 2026/03/11 12:0 a.m.7 views

FP-Predictor - False Positive Prediction for Static Analysis Reports

Static Application Security Testing SAST tools play a vital role in modern software development by automatically detecting potential vulnerabilities in source code. However, their effectiveness is often limited by a high rate of false positives, which wastes developer's effort and undermines trus...

5.8AI score
Exploits0
akamaiblog
akamaiblog
added 2026/03/10 12:0 p.m.8 views

Avoid Evasive Scraping with Stronger Content Protection

Learn about the enhancements to Akamai Content Protector that stop evasive scraping across web and mobile while minimizing user friction and false positives...

5.8AI score
Exploits0
packetstormnews
packetstormnews
added 2026/03/06 12:0 a.m.5 views

OpenAnt LLM-Based Vulnerability Discovery

OpenAnt from Knostic is an open source LLM-based vulnerability discovery product that helps defenders proactively find verified security flaws while minimizing both false positives and false negatives. Stage 1 detects. Stage 2 attacks. What survives is real...

5.8AI score
Exploits0
packetstormnews
packetstormnews
added 2026/03/05 12:0 a.m.3 views

Nuclei 3.7.1

Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates. It empowers you to design custom vulnerability detection scenarios that mimic real-world conditions, leading to zero false positives...

5.9AI score
Exploits0
packetstormnews
packetstormnews
added 2026/03/01 12:0 a.m.10 views

VEcho: A Paradigm Shift from Vulnerability Verification to Proactive Discovery with Large Language Models

Static Application Security Testing SAST tools often suffer from high false positive rates, leading to alert fatigue that consumes valuable auditing resources. Recent efforts leveraging Large Language Models LLMs as filters offer limited improvements; however, these methods treat LLMs as passive,...

6AI score
Exploits0
malwarebytes
malwarebytes
added 2026/02/25 3:48 p.m.6 views

Developer creates app to detect nearby smart glasses

An independent developer, moved after reading about the abuse of smart glasses to film people without their consent, decided to create an app to detect nearby smart glasses. Smart glasses are wearable devices built into ordinary-looking eyewear that add functions like audio, cameras, sensors, and...

5.5AI score
Exploits0
malwarebytes
malwarebytes
added 2026/02/11 10:9 a.m.6 views

Malwarebytes earns PCMag Best Tech Brand spot, scores 100% with MRG Effitas

Malwarebytes is on a roll. Recently named one of PCMag's “Best Tech Brands for 2026,” Malwarebytes also scored 100% on the first-ever MRG Effitas consumer security product test, cementing the fact that we are loved by users and trusted by experts. But don’t take our word for it. As PCMag Principa...

5.6AI score
Exploits0
packetstormnews
packetstormnews
added 2026/02/10 12:0 a.m.9 views

QRS: A Rule-Synthesizing Neuro-Symbolic Triad for Autonomous Vulnerability Discovery

Static Application Security Testing SAST tools are integral to modern DevSecOps pipelines, yet tools like CodeQL, Semgrep, and SonarQube remain fundamentally constrained: they require expert-crafted queries, generate excessive false positives, and detect only predefined vulnerability patterns...

5.7AI score
Exploits0
packetstormnews
packetstormnews
added 2026/01/30 12:0 a.m.56 views

Sifting the Noise: A Comparative Study of LLM Agents in Vulnerability False Positive Filtering

Static Application Security Testing SAST tools are essential for identifying software vulnerabilities, but they often produce a high volume of false positives FPs, imposing a substantial manual triage burden on developers. Recent advances in Large Language Model LLM agents offer a promising...

5.4AI score
Exploits0
Rows per page
Query Builder