Lucene search
K

22 matches found

Packet Storm News
Packet Storm News
added 2026/04/21 12:0 a.m.7 views

We Are Currently Clean on OPSEC: Why JD Can't Encrypt

We analyse the 2025 Signalgate leak of sensitive US military information by the Trump administration, addressing why confidentiality was violated messages leaked to the press in spite of encryption Signal, to deepen the socio-technical considerations when designing and deploying encryption. First...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/09 12:0 a.m.5 views

SoK: The Pitfalls of Deep Reinforcement Learning for Cybersecurity

Deep Reinforcement Learning DRL has achieved remarkable success in domains requiring sequential decision-making, motivating its application to cybersecurity problems. However, transitioning DRL from laboratory simulations to bespoke cyber environments can introduce numerous issues. This is furthe...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/10 12:0 a.m.14 views

Chasing Shadows: Pitfalls in LLM Security Research

Large language models LLMs are increasingly prevalent in security research. Their unique characteristics, however, introduce challenges that undermine established paradigms of reproducibility, rigor, and evaluation. Prior work has identified common pitfalls in traditional machine learning researc...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:29 p.m.6 views

CVE-2021-21413

isolated-vm is a library for nodejs which gives you access to v8's Isolate interface. Versions of isolated-vm before v4.0.0 have API pitfalls which may make it easy for implementers to expose supposed secure isolates to the permissions of the main nodejs isolate. Reference objects allow access to...

9.6CVSS7.4AI score0.00713EPSS
Exploits0References1
Akamai Blog
Akamai Blog
added 2025/03/19 3:0 p.m.15 views

The Hidden Costs and Ethical Pitfalls of Content Scraping

Read about the significant hidden costs and ethical pitfalls of content scraping — and learn how to protect your website...

7AI score
Exploits0
Talos Blog
Talos Blog
added 2024/08/15 6:0 p.m.28 views

AI, election security headline discussions at Black Hat and DEF CON

As promised, Im back this week to recap some of the top stories coming out of Black Hat and DEF CON. Also as promised, AI was the talk of Vegas during Hacker Summer Camp or at least from what Ive been reading and hearing, I wasnt there in person. Several exhibitions and talks at both conferences...

7.8CVSS7.7AI score0.19534EPSS
Exploits2
Talos Blog
Talos Blog
added 2024/08/08 6:0 p.m.11 views

The top stories coming out of the Black Hat cybersecurity conference

Over the next two weeks, two of the largest cybersecurity conferences in the world will take place in Las Vegas: Black Hat and DEF CON. That means product announcements, buzzwords and stories about "X smart appliance could burn your house down!" or something like that. Over the next two weeks, Il...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/12/11 11:45 a.m.17 views

Playbook: Your First 100 Days as a vCISO - 5 Steps to Success

In an increasingly digital world, no organization is spared from cyber threats. Yet, not every organization has the luxury of hiring a full-time, in-house CISO. This gap in cybersecurity leadership is where you, as a vCISO, come in. You are the person who will establish, develop, and solidify the...

7.1AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2022/06/21 8:14 p.m.13 views

The Power and Pitfalls of AI for US Intelligence

Artificial intelligence use is booming, but it's not the secret weapon you might imagine...

2.2AI score
Exploits0
SonarSource Blog
SonarSource Blog
added 2021/11/16 12:0 a.m.84 views

10 Unknown Security Pitfalls for Python

Python developers trust their applications to have a solid security state due to the use of standard libraries and common frameworks. However, within Python, just like in any other programming language, there are certain features that can be misleading or misused by developers. Often it is only a...

5CVSS9.9AI score0.35963EPSS
Exploits12
The Hacker News
The Hacker News
added 2021/05/05 1:37 p.m.43 views

New Study Warns of Security Threats Linked to Recycled Phone Numbers

A new academic study has highlighted a number of privacy and security pitfalls associated with recycling mobile phone numbers that could be abused to stage a variety of exploits, including account takeovers, conduct phishing and spam attacks, and even prevent victims from signing up for online...

0.5AI score
Exploits0
Gitee
Gitee
added 2021/04/14 9:13 a.m.5 views

CTF-All-In-One

This is a comprehensive guide to CTF Capture The Flag competitions, specifically focusing on the Pwn binary exploitation aspect. The book is written by Yang Chao, a member of L-Team, and is intended for beginners. It covers the basics of binary exploitation, including memory management, buffer...

7.8AI score
Exploits0
NVD
NVD
added 2021/03/30 11:15 p.m.37 views

CVE-2021-21413

isolated-vm is a library for nodejs which gives you access to v8's Isolate interface. Versions of isolated-vm before v4.0.0 have API pitfalls which may make it easy for implementers to expose supposed secure isolates to the permissions of the main nodejs isolate. Reference objects allow access to...

9.6CVSS0.00713EPSS
Exploits0References4
OSV
OSV
added 2021/03/30 11:15 p.m.15 views

CVE-2021-21413

isolated-vm is a library for nodejs which gives you access to v8's Isolate interface. Versions of isolated-vm before v4.0.0 have API pitfalls which may make it easy for implementers to expose supposed secure isolates to the permissions of the main nodejs isolate. Reference objects allow access to...

9.6CVSS7.4AI score
Exploits0References4
Prion
Prion
added 2021/03/30 11:15 p.m.29 views

Design/Logic Flaw

isolated-vm is a library for nodejs which gives you access to v8's Isolate interface. Versions of isolated-vm before v4.0.0 have API pitfalls which may make it easy for implementers to expose supposed secure isolates to the permissions of the main nodejs isolate. Reference objects allow access to...

5.8CVSS9.2AI score0.00713EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2021/03/30 10:25 p.m.36 views

CVE-2021-21413 Misuse of `Reference` and other transferable APIs may lead to access to nodejs isolate

isolated-vm is a library for nodejs which gives you access to v8's Isolate interface. Versions of isolated-vm before v4.0.0 have API pitfalls which may make it easy for implementers to expose supposed secure isolates to the permissions of the main nodejs isolate. Reference objects allow access to...

8CVSS9.6AI score0.00713EPSS
Exploits0References4
Gitee
Gitee
added 2021/01/21 12:31 a.m.4 views

CTF-All-In-One

This is a comprehensive book on CTF Capture The Flag competitions, specifically focusing on the Pwn binary exploitation aspect. The book is written by Yang Chaofei, a member of L-Team, and is intended for beginners. It covers the basics of binary exploitation, including memory management, buffer...

7.7AI score
Exploits0
ThreatPost
ThreatPost
added 2020/01/28 12:2 p.m.78 views

LoRaWAN for IoT: Beware Encryption Misconfigurations and Security Pitfalls

UPDATE The LoRaWAN protocol, which efficiently supports low-power wireless devices over wide area networks, has become standard in the world of the industrial internet of things IoT. One of its benefits is its support for end-to-end encryption. However, researchers are warning that while LoRaWAN...

0.6AI score
Exploits0References6
Akamai Blog
Akamai Blog
added 2019/07/07 3:57 p.m.14 views

NSX-T vs. NSX-V – Key Differences and Pitfalls to Avoid

Learn the difference between VMware’s segmentation offerings, NSX-T vs NSX-V, and understand the several potential pitfalls that are important to consider before deployment...

7AI score
Exploits0
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2019/06/12 6:43 p.m.119 views

HTTPS client certificate authentication security issues. Part 2/3

In the first story, I described some issues related to client certificates authentication implementations in environments with load balancers. This time I’d like to mention some typical issues in custom certificate validation processes when a developer is doing this itself in application code...

Exploits0
Rows per page
Query Builder