Lucene search
+L

151 matches found

Packet Storm News
Packet Storm News
added 2026/03/29 12:0 a.m.16 views

Policy-Driven Vulnerability Risk Quantification Framework for Large-Scale Cloud Infrastructure Data Security

The exponential growth of Common Vulnerabilities and Exposures CVE disclosures poses significant challenges for enterprise security management, necessitating automated and quantitative risk assessment methodologies. Existing vulnerability analysis approaches suffer from three critical limitations...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/22 12:0 a.m.42 views

When the Abyss Looks Back: Unveiling Evolving Dark Patterns in Cookie Consent Banners

To comply with data protection regulations such as the EU General Data Protection Regulation GDPR and the California Consumer Privacy Act CCPA, websites widely deploy cookie consent banners to collect users' privacy preferences. In practice, however, these interfaces often embed dark patterns tha...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.9 views

Favia: Forensic Agent for Vulnerability-Fix Identification and Analysis

Identifying vulnerability-fixing commits corresponding to disclosed CVEs is essential for secure software maintenance but remains challenging at scale, as large repositories contain millions of commits of which only a small fraction address security issues. Existing automated approaches, includin...

5.7AI score
Exploits0
The Hacker News
The Hacker News
added 2026/02/09 12:59 p.m.16 views

⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More

Cyber threats are no longer coming from just malware or exploits. They’re showing up inside the tools, platforms, and ecosystems organizations use every day. As companies connect AI, cloud apps, developer tools, and communication systems, attackers are following those same paths. A clear pattern...

9.9CVSS6.5AI score0.11737EPSS
Exploits7
Packet Storm News
Packet Storm News
added 2026/02/01 12:0 a.m.7 views

DuoLungo: Usability Study of Duo 2FA

Multi-Factor Authentication MFA enhances login security by requiring multiple authentication factors. Its adoption has increased in response to more frequent and sophisticated attacks. Duo is widely used by organizations including Fortune 500 companies and major educational institutions, yet its...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/30 12:0 a.m.7 views

Okara: Detection and Attribution of TLS Man-In-The-Middle Vulnerabilities in Android Apps with Foundation Models

Transport Layer Security TLS is fundamental to secure online communication, yet vulnerabilities in certificate validation that enable Man-in-the-Middle MitM attacks remain a pervasive threat in Android apps. Existing detection tools are hampered by low-coverage UI interaction, costly...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/30 12:0 a.m.5 views

AEGIS: White-Box Attack Path Generation Using LLMs and Training Effectiveness Evaluation for Large-Scale Cyber Defence Exercises

Creating attack paths for cyber defence exercises requires substantial expert effort. Existing automation requires vulnerability graphs or exploit sets curated in advance, limiting where it can be applied. We present AEGIS, a system that generates attack paths using LLMs, white-box access, and...

5.5AI score
Exploits0
HackRead
HackRead
added 2026/01/28 11:8 a.m.8 views

Best IT Managed Services for Large Enterprises

Learn what defines top-tier enterprise managed IT services, why they matter, and how Mindcore Technologies meets large-scale business demands...

5.9AI score
Exploits0
CNNVD
CNNVD
added 2026/01/24 12:0 a.m.8 views

MyTube security vulnerability

MyTube is a video self-hosted downloader and player developed by Peifan Li. Versions of MyTube prior to 1.7.78 contained security vulnerabilities, which stemmed from insufficient input validation in the settings management function. These vulnerabilities could lead to large-scale distribution...

5.3CVSS5.8AI score0.00284EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2026/01/23 12:0 a.m.213 views

📄 Siklu EtherHaul EH-8010 / EH-1200 Vulnerability Scanner

This PHP-based scanner safely detects an unauthenticated remote command execution vulnerability in Siklu EtherHaul EH-8010 and EH-1200 devices by sending a non-destructive encrypted probe command and validating the response. The scanner does not alter device state and is suitable for large-scale...

9.8CVSS5.8AI score0.00978EPSS
Exploits3
Packet Storm News
Packet Storm News
added 2026/01/22 12:0 a.m.5 views

CAFE-GB: Scalable and Stable Feature Selection for Malware Detection Via Chunk-Wise Aggregated Gradient Boosting

High-dimensional malware datasets often exhibit feature redundancy, instability, and scalability limitations, which hinder the effectiveness and interpretability of machine learning-based malware detection systems. Although feature selection is commonly employed to mitigate these issues, many...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/15 12:0 a.m.22 views

Agent Skills in the Wild: An Empirical Study of Security Vulnerabilities at Scale

The rise of AI agent frameworks has introduced agent skills, modular packages containing instructions and executable code that dynamically extend agent capabilities. While this architecture enables powerful customization, skills execute with implicit trust and minimal vetting, creating a...

7.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/23 12:0 a.m.6 views

Better Call Graphs: A New Dataset of Function Call Graphs for Malware Classification

Function call graphs FCGs have emerged as a powerful abstraction for malware detection, capturing the behavioral structure of applications beyond surface-level signatures. Their utility in traditional program analysis has been well established, enabling effective classification and analysis of...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/16 12:0 a.m.31 views

APT-ClaritySet: A Large-Scale, High-Fidelity Labeled Dataset for APT Malware with Alias Normalization and Graph-Based Deduplication

Large-scale, standardized datasets for Advanced Persistent Threat APT research are scarce, and inconsistent actor aliases and redundant samples hinder reproducibility. This paper presents APT-ClaritySet and its construction pipeline that normalizes threat actor aliases reconciling approximately...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/06 12:0 a.m.4 views

Characterizing Large-Scale Adversarial Activities through Large-Scale Honey-Nets

The increasing sophistication of cyber threats demands novel approaches to characterize adversarial strategies, particularly those targeting critical infrastructure and IoT ecosystems. This paper presents a longitudinal analysis of attacker behavior using HoneyTrap, an adaptive honeypot framework...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/11/25 12:0 a.m.6 views

Hey There! You Are Using WhatsApp: Enumerating Three Billion Accounts for Security and Privacy

WhatsApp, with 3.5 billion active accounts as of early 2025, is the world's largest instant messaging platform. Given its massive user base, WhatsApp plays a critical role in global communication. To initiate conversations, users must first discover whether their contacts are registered on the...

6.8AI score
Exploits0
Akamai Blog
Akamai Blog
added 2025/11/24 2:0 p.m.8 views

Aggregated Rate Limiting Defends Against Large-Scale and DDoS Attacks

Discover how Akamai’s new aggregated rate limiting strengthens defenses against large-scale, distributed DDoS attacks, and API abuse with smarter detection...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/11/21 12:0 a.m.7 views

The Dark Side of Flexibility: How Aggregated Cyberattacks Threaten the Power Grid

Flexible energy resources are increasingly becoming common in smart grids. These resources are typically managed and controlled by aggregators that coordinate many resources to provide flexibility services. However, these aggregators and flexible energy resources are vulnerable, which could allow...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/11/14 9:53 a.m.11 views

Chinese Hackers Use Anthropic's AI to Launch Automated Cyber Espionage Campaign

State-sponsored threat actors from China used artificial intelligence AI technology developed by Anthropic to orchestrate automated cyber attacks as part of a "highly sophisticated espionage campaign" in mid-September 2025. "The attackers used AI's 'agentic' capabilities to an unprecedented degre...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/11/13 4:58 a.m.8 views

Over 67,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack

Cybersecurity researchers are calling attention to a large-scale spam campaign that has flooded the npm registry with thousands of fake packages since early 2024 as part of a likely financially motivated effort. "The packages were systematically published over an extended period, flooding the npm...

7AI score
Exploits0
Rows per page
Query Builder