Lucene search
K

269 matches found

GithubExploit
GithubExploit
added 2026/06/14 6:53 a.m.86 views

wannacry-soc-lab

WannaCry SOC Investigation Lab Overview This project simu...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.8 views

Evaluating and Combating the Impact of Concept Drift on the Performance of Machine Learning-Based Phishing Detection Systems

The expansion of the digital domain has resulted in a substantial increase in digital communication, with email emerging as one of the most prominent channels. The proliferation of email communication is apparent in both professional and personal contexts, thereby creating numerous vulnerabilitie...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.5 views

When Discovery Outpaces Remediation: Modeling AI-Accelerated Vulnerability Discovery in Interconnected Systems

Advanced AI systems for code analysis, binary analysis, fuzzing orchestration, and penetration-test planningmay significantly increase the rate at which latent vulnerabilities are discovered. While improved discovery can benefit defenders, it can also overload remediation pipelines and accelerate...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/08 12:0 a.m.5 views

Unveiling Privacy Risks in Multi-Modal Large Language Models: Task-Specific Vulnerabilities and Mitigation Challenges

Privacy risks in text-only Large Language Models LLMs are well studied, particularly their tendency to memorize and leak sensitive information. However, Multi-modal Large Language Models MLLMs, which process both text and images, introduce unique privacy challenges that remain underexplored...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/04 12:0 a.m.25 views

Credential Disclosure in (EU) Digital Identity Wallets: Privacy Risks and Practical Mitigations

The European Union will introduce the EUDI Wallet by late 2026, which allows users to hold digital credentials i.e., representations of physical official identity documents on their devices. This will allow users to securely and privately disclose identity attributes to websites. Although such a...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/03 12:0 a.m.25 views

Description-Code Inconsistency in Real-World MCP Servers: Measurement, Detection, and Security Implications

The Model Context Protocol MCP has emerged as a critical standard empowering Large Language Models LLMs to utilize external tools. In this ecosystem, LLMs rely on natural language descriptions provided by MCP servers to select and execute functions. This interaction implicitly assumes that tool...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/15 12:0 a.m.11 views

Security Analysis of a Communication Protocol: MQTT

This paper analyzes the security of the Message Queuing Telemetry Transport MQTT protocol in the context of the Internet of Things IoT. The main objective consists of identifying vulnerabilities and proposing security improvements. Adopting a hybrid methodology, a theoretical review was combined...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/10 12:0 a.m.9 views

Security Risks in Tool-Enabled AI Agents: A Systematic Analysis of Privileged Execution Environments

Tool-enabled AI agents are increasingly deployed in cloud-hosted environments and offered as services, where they perform side-effecting operations through privileged tools within execution environments. While such agents enable powerful automation, the security implications of hosting autonomous...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/20 12:0 a.m.9 views

Memory Poisoning and Secure Multi-Agent Systems

Memory poisoning attacks for Agentic AI and multi-agent systems MAS have recently caught attention. It is partially due to the fact that Large Language Models LLMs facilitate the construction and deployment of agents. Different memory systems are being used nowadays in this context, including...

5.9AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/02/26 5:4 p.m.8 views

Threat modeling AI applications

Proactively identifying, assessing, and addressing risk in AI systems We cannot anticipate every misuse or emergent behavior in AI systems. We can , however, identify what can go wrong, assess how bad it could be, and design systems that help reduce the likelihood or impact of those failure modes...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/02/26 9:49 a.m.152 views

Exploit for CVE-2026-24009

docling-core-CVE-2026-24009 T...

8.1CVSS5.3AI score0.01376EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2026/01/30 12:0 a.m.18 views

From Similarity to Vulnerability: Key Collision Attack on LLM Semantic Caching

Semantic caching has emerged as a pivotal technique for scaling LLM applications, widely adopted by major providers including AWS and Microsoft. By utilizing semantic embedding vectors as cache keys, this mechanism effectively minimizes latency and redundant computation for semantically similar...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/19 12:0 a.m.3 views

Techniques of Modern Attacks

The techniques used in modern attacks have become an important factor for investigation. As we advance further into the digital age, cyber attackers are employing increasingly sophisticated and highly threatening methods. These attacks target not only organizations and governments but also extend...

5.6AI score
Exploits0
GithubExploit
GithubExploit
added 2025/12/01 2:15 a.m.200 views

Exploit for CVE-2025-6440

cara penggunaan 1. git clone https://git...

9.8CVSS7AI score0.31827EPSS
Exploits12
OSV
OSV
added 2025/11/14 2:45 p.m.9 views

HSEC-2025-0005 cabal-install dependency confusion

cabal-install dependency confusion For cabal-install 3.4.0.0 and where multiple repositories are configured, the resolver picks the highest available version across all repositories. Where a package is only defined in a private repository, this behaviour leads to a dependency confusionblog supply...

6.9AI score
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/11/06 12:0 a.m.6 views

Explaining Software Vulnerabilities with Large Language Models

The prevalence of security vulnerabilities has prompted companies to adopt static application security testing SAST tools for vulnerability detection. Nevertheless, these tools frequently exhibit usability limitations, as their generic warning messages do not sufficiently communicate important...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/11/04 12:0 a.m.4 views

On the Dangers of Poisoned LLMs in Security Automation

This paper investigates some of the risks introduced by "LLM poisoning," the intentional or unintentional introduction of malicious or biased data during model training. We demonstrate how a seemingly improved LLM, fine-tuned on a limited dataset, can introduce significant bias, to the extent tha...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/21 12:0 a.m.4 views

Quantifying Security for Networked Control Systems: A Review

Networked Control Systems NCSs are integral in critical infrastructures such as power grids, transportation networks, and production systems. Ensuring the resilient operation of these large-scale NCSs against cyber-attacks is crucial for societal well-being. Over the past two decades, extensive...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-9020

Malware in sbrugna...

9.3CVSS7.7AI score0.03824EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-30694

Malicious code in bioql PyPI...

9.9CVSS9.2AI score0.01995EPSS
Exploits0References4
Rows per page
Query Builder