166 matches found

Packet Storm News
added 2026/03/25 12:00 a.m., 7 views

Environment-Grounded Multi-Agent Workflow for Autonomous Penetration Testing

The increasing complexity and interconnectivity of digital infrastructures make scalable and reliable security assessment methods essential. Robotic systems represent a particularly important class of operational technology, as modern robots are highly networked cyber-physical systems deployed in...

AI score: 5.9
Exploits: 0
Packet Storm News
added 2026/03/24 12:00 a.m., 6 views

SoK: The Attack Surface of Agentic AI -- Tools, and Autonomy

Recent AI systems combine large language models with tools, external knowledge via retrieval-augmented generation (RAG), and even autonomous multi-agent decision loops. This agentic AI paradigm greatly expands capabilities - but also vastly enlarges the attack surface. In this systematization, we m...

AI score: 6.2
Exploits: 0
Packet Storm News
added 2026/03/21 12:00 a.m., 9 views

AEGIS: From Clues to Verdicts -- Graph-Guided Deep Vulnerability Reasoning Via Dialectics and Meta-Auditing

Large Language Models (LLMs) are increasingly adopted for vulnerability detection, yet their reasoning remains fundamentally unsound. We identify a root cause shared by both major mitigation paradigms (agent-based debate and retrieval augmentation): reasoning in an ungrounded deliberative space that...

AI score: 5.8
Exploits: 0
EUVD
added 2026/03/20 6:33 p.m., 5 views

EUVD-2026-13766

mcp-memory-service is an open-source memory backend for multi-agent systems. Prior to version 10.25.1, when the HTTP server is enabled (MCP_HTTP_ENABLED=true), the application configures FastAPI's CORSMiddleware with allow_origins='*', allow_credentials=True, allow_methods="*", and allow_headers="*". The...

CVSS: 8.1, AI score: 5.8, EPSS: 0.00387
Exploits: 1, References: 1
CNNVD
added 2026/03/20 12:00 a.m., 8 views

Langflow security vulnerability

Langflow is an open-source visualization framework developed by Langflow for building multi-agent and RAG applications. Versions of Langflow prior to 1.9.0 contained a security vulnerability. This vulnerability stemmed from the delete_api_key_route endpoint, which did not verify the ownership of the...

CVSS: 8.8, AI score: 5.9, EPSS: 0.0039
Exploits: 0, References: 1
Packet Storm News
added 2026/03/20 12:00 a.m., 9 views

Memory Poisoning and Secure Multi-Agent Systems

Memory poisoning attacks on Agentic AI and multi-agent systems (MAS) have recently caught attention. This is partly because Large Language Models (LLMs) facilitate the construction and deployment of agents. Different memory systems are being used nowadays in this context, including...

AI score: 5.9
Exploits: 0
Packet Storm News
added 2026/03/11 12:00 a.m., 7 views

Adversarial Reinforcement Learning for Detecting False Data Injection Attacks in Vehicular Routing

In modern transportation networks, adversaries can manipulate routing algorithms using false data injection attacks, such as simulating heavy traffic with multiple devices running crowdsourced navigation applications, to mislead vehicles toward suboptimal routes and increase congestion. To addres...

AI score: 5.9
Exploits: 0
Packet Storm News
added 2026/03/10 12:00 a.m., 11 views

ProvAgent: Threat Detection Based on Identity-Behavior Binding and Multi-Agent Collaborative Attack Investigation

Advanced Persistent Threats (APTs) pose critical challenges to modern cybersecurity due to their multi-stage and stealthy nature. While provenance-based detection approaches show promise in capturing causal attack semantics, current threat provenance practices face two paradoxical issues: (1) expert...

AI score: 5.8
Exploits: 0
Packet Storm News
added 2026/03/09 12:00 a.m., 7 views

SCAFFOLD-CEGIS: Preventing Latent Security Degradation in LLM-Driven Iterative Code Refinement

The application of large language models to code generation has evolved from one-shot generation to iterative refinement, yet the evolution of security throughout iteration remains insufficiently understood. Through comparative experiments on three mainstream LLMs, this paper reveals the iterativ...

AI score: 5.9
Exploits: 0
Packet Storm News
added 2026/03/09 12:00 a.m., 7 views

Coverage-Guided Multi-Agent Harness Generation for Java Library Fuzzing

Coverage-guided fuzzing has proven effective for software testing, but targeting library code requires specialized fuzz harnesses that translate fuzzer-generated inputs into valid API invocations. Manual harness creation is time-consuming and requires deep understanding of API semantics,...

AI score: 5.9
Exploits: 0
Packet Storm News
added 2026/03/09 12:00 a.m., 3 views

Security Considerations for Multi-Agent Systems

Multi-agent artificial intelligence systems (MAS) are systems of autonomous agents that exercise delegated tool authority, share persistent memory, and coordinate via inter-agent communication. MAS introduce security vulnerabilities qualitatively distinct from those documented for singular AI...

AI score: 5.8
Exploits: 0
Packet Storm News
added 2026/03/09 12:00 a.m., 2 views

AgenticCyOps: Securing Multi-Agentic AI Integration in Enterprise Cyber Operations

Multi-agent systems (MAS) powered by LLMs promise adaptive, reasoning-driven enterprise workflows, yet granting agents autonomous control over tools, memory, and communication introduces attack surfaces absent from deterministic pipelines. While current research largely addresses prompt-level...

AI score: 5.8
Exploits: 0
Packet Storm News
added 2026/03/04 12:00 a.m., 2 views

From Threat Intelligence to Firewall Rules: Semantic Relations in Hybrid AI Agent and Expert System Architectures

Web security demands rapid response capabilities to evolving cyber threats. Agentic Artificial Intelligence (AI) promises automation, but the need for trustworthy security responses is of the utmost importance. This work investigates the role of semantic relations in extracting information for...

AI score: 6
Exploits: 0
Packet Storm News
added 2026/03/03 12:00 a.m., 2 views

Multi-Agent Honeypot-Based Request-Response Context Dataset for Improved SQL Injection Detection Performance

SQL injection remains a major threat to web applications, as existing defenses often fail against obfuscation and evolving attacks because they neglect the request-response context. This paper presents a context-enriched SQL injection detection framework, focusing on constructing a high-quality...

AI score: 6
Exploits: 0
Packet Storm News
added 2026/03/01 12:00 a.m., 4 views

A Systematic Study of LLM-Based Architectures for Automated Patching

Large language models (LLMs) have shown promise for automated patching, but their effectiveness depends strongly on how they are integrated into patching systems. While prior work explores prompting strategies and individual agent designs, the field lacks a systematic comparison of patching...

AI score: 6.2
Exploits: 0
Packet Storm News
added 2026/03/01 12:00 a.m., 18 views

AWE: Adaptive Agents for Dynamic Web Penetration Testing

Modern web applications are increasingly produced through AI-assisted development and rapid no-code deployment pipelines, widening the gap between accelerating software velocity and the limited adaptability of existing security tooling. Pattern-driven scanners fail to reason about novel contexts,...

AI score: 6.1
Exploits: 0
Packet Storm News
added 2026/02/27 12:00 a.m., 4 views

Jailbreak Foundry: From Papers to Runnable Attacks for Reproducible Benchmarking

Jailbreak techniques for large language models (LLMs) evolve faster than benchmarks, making robustness estimates stale and difficult to compare across papers due to drift in datasets, harnesses, and judging protocols. We introduce JAILBREAK FOUNDRY (JBF), a system that addresses this gap via a...

AI score: 6
Exploits: 0
Packet Storm News
added 2026/02/26 12:00 a.m., 5 views

Blockchain-Enabled Routing for Zero-Trust Low-Altitude Intelligent Networks

Due to their scalability and portability, low-altitude intelligent networks (LAINs) are essential in various fields such as surveillance and disaster rescue. However, in LAINs, unmanned aerial vehicles (UAVs) are characterized by distributed topology and high mobility, and are thus vulnerable to security...

AI score: 6.1
Exploits: 0
Wiz blog
added 2026/02/20 5:28 p.m., 6 views

Building an Agentic Cloud Security Ecosystem: A Reference Architecture with Wiz MCP and Infosys Cyber Next

Coordinated Multi-Agent Investigation and Remediation...

AI score: 5.4
Exploits: 0
Packet Storm News
added 2026/02/15 12:00 a.m., 4 views

AXE: An Agentic EXploit Engine for Confirming Zero-Day Vulnerability Reports

Vulnerability detection tools are widely adopted in software projects, yet they often overwhelm maintainers with false positives and non-actionable reports. Automated exploitation systems can help validate these reports; however, existing approaches typically operate in isolation from detection...

AI score: 5.9
Exploits: 0