Lucene search
K

20 matches found

Packet Storm News
Packet Storm News
added 2026/05/27 12:0 a.m.33 views

Measuring Real-World Prompt Injection Attacks in LLM-Based Resume Screening

LLMs are vulnerable to prompt injection attacks. However, this vulnerability has been primarily demonstrated conceptually in academic studies or through a few anecdotal case studies. Its prevalence and impact in real-world LLM-based applications are largely unexplored. In this work, we present th...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/23 12:0 a.m.14 views

CALIBURN: A Regime-Sensitivity Study of Operationally Calibrated Streaming Intrusion Detection

Streaming network intrusion detection systems must process flows continuously while keeping memory bounded, but most current methods leave alerting threshold selection as a post-hoc tuning problem poorly suited to production. Operators need alerting behaviour specifiable before deployment using...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/05/15 11:0 a.m.17 views

What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface

In Your Biggest Security Risk Isn't Malware — It's What You Already Trust , we made a simple argument: the most dangerous activity inside most organizations no longer looks like an attack. It looks like administration. PowerShell, WMIC, netsh, Certutil, MSBuild — the same trusted utilities your I...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/04/10 11:0 a.m.12 views

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About

While much of the discussion on AI security centers around protecting ‘shadow’ AI and GenAI consumption, there's a wide-open window nobody's guarding: AI browser extensions. A new report from LayerX exposes just how deep this blind spot goes, and why AI extensions may be the most dangerous AI...

6.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/30 12:0 a.m.40 views

Debt behind the AI Boom: A Large-Scale Empirical Study of AI-Generated Code in the Wild

AI coding assistants are now widely used in software development. Software developers increasingly integrate AI-generated code into their codebases to improve productivity. Prior studies have shown that AI-generated code may contain code quality issues under controlled settings. However, we still...

6AI score
Exploits0
Securelist
Securelist
added 2026/03/04 10:0 a.m.7 views

Mobile malware evolution in 2025

Starting from the third quarter of 2025, we have updated our statistical methodology based on the Kaspersky Security Network. These changes affect all sections of the report except for the installation package statistics, which remain unchanged. To illustrate trends between reporting periods, we...

6.1AI score
Exploits0
Securelist
Securelist
added 2025/11/19 10:0 a.m.10 views

IT threat evolution in Q3 2025. Mobile statistics

IT threat evolution in Q3 2025. Mobile statistics IT threat evolution in Q3 2025. Non-mobile statistics The quarter at a glance In the third quarter of 2025, we updated the methodology for calculating statistical indicators based on the Kaspersky Security Network. These changes affected all...

6.7AI score
Exploits0
Wiz blog
Wiz blog
added 2025/09/09 12:20 p.m.7 views

Widespread npm Supply Chain Attack: Breaking Down Impact & Scope Across Debug, Chalk, and Beyond

A deeper look at the npm debug/chalk supply-chain incident: deobfuscating the wallet-hijacking browser interceptor, quantifying the 2-hour exposure with Wiz telemetry 99% package prevalence, 10% malware presence, and unpacking what made it spread so fast...

7AI score
Exploits0
Trellix
Trellix
added 2023/09/01 12:0 a.m.15 views

ICYMI: Emotet Reappeared Early This Year, Unfortunately

ICYMI: Emotet Reappeared Early This Year, Unfortunately By Adithya Chandra, Joao Marques, and Raghav Kapoor · September 1, 2023 Executive Summary Emotet first appeared in 2014 and continues to be a dangerous and resilient malware, despite attempts by law enforcement agencies to take it down in...

7.7AI score
Exploits0
Trellix
Trellix
added 2023/09/01 12:0 a.m.15 views

ICYMI: Emotet Reappeared Early This Year, Unfortunately

ICYMI: Emotet Reappeared Early This Year, Unfortunately By Adithya Chandra and Joao Marques · September 1, 2023 This blog was also written by Raghav Kapoor Executive Summary Emotet first appeared in 2014 and continues to be a dangerous and resilient malware, despite attempts by law enforcement...

7.7AI score
Exploits0
CISA
CISA
added 2022/11/10 12:0 a.m.67 views

CISA Releases SSVC Methodology to Prioritize Vulnerabilities

Today CISA published its guide on Stakeholder-Specific Vulnerability Categorization SSVC, a vulnerability management methodology that assesses vulnerabilities and prioritizes remediation efforts based on exploitation status, impacts to safety, and prevalence of the affected product in a singular...

0.4AI score
Exploits0References5
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/05/11 4:0 p.m.22 views

Center for Threat-Informed Defense, Microsoft, and industry partners streamline MITRE ATT&CK® matrix evaluation for defenders

The MITRE Center for Threat-Informed Defense, Microsoft, and other industry partners collaborated on a project that created a repeatable methodology for developing a top MITRE ATT&CK® techniques list. The method aims to facilitate navigation of the ATT&CK framework, which could help new defenders...

Exploits0
Microsoft Secure
Microsoft Secure
added 2022/05/11 4:0 p.m.18 views

Center for Threat-Informed Defense, Microsoft, and industry partners streamline MITRE ATT&CK® matrix evaluation for defenders

The MITRE Center for Threat-Informed Defense, Microsoft, and other industry partners collaborated on a project that created a repeatable methodology for developing a top MITRE ATT&CK® techniques list. The method aims to facilitate navigation of the ATT&CK framework, which could help new defenders...

Exploits0
Information Security Automation
Information Security Automation
added 2021/07/04 3:21 p.m.112 views

Vulristics HTML Report Update: Table for Products, Table for Vuln. Types and “Prevalence”

Hi guys! I was on vacation this week. So I had time to work on my Vulristics project. For those who dont know, this is a framework for prioritizing known CVE vulnerabilities. I was mainly grooming the HTML report. I added a logo at the top, set a max width for the report, added a timestamp when t...

7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2020/10/19 1:6 p.m.370 views

Are You Still Running End-of-Life Windows Servers?

Windows Server 2008 and 2008 R2 reached their end of life EOL on Jan. 14, 2020. What does that mean in practice? Well, any instances running these versions of Windows Server are no longer supported by Microsoft—no more automated fixes, updates, or technical assistance. From a security standpoint,...

9.3CVSS0.99512EPSS
Exploits75
Microsoft Secure
Microsoft Secure
added 2017/12/04 11:6 p.m.20 views

Microsoft teams up with law enforcement and other partners to disrupt Gamarue (Andromeda)

Today, with help from Microsoft security researchers, law enforcement agencies around the globe, in cooperation with Microsoft Digital Crimes Unit DCU, announced the disruption of Gamarue, a widely distributed malware that has been used in networks of infected computers collectively called the...

7.1AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2017/12/04 11:6 p.m.11 views

Microsoft teams up with law enforcement and other partners to disrupt Gamarue (Andromeda)

Today, with help from Microsoft security researchers, law enforcement agencies around the globe, in cooperation with Microsoft Digital Crimes Unit DCU, announced the disruption of Gamarue, a widely distributed malware that has been used in networks of infected computers collectively called the...

7.1AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2017/12/04 11:6 p.m.16 views

Microsoft teams up with law enforcement and other partners to disrupt Gamarue (Andromeda)

Today, with help from Microsoft security researchers, law enforcement agencies around the globe, in cooperation with Microsoft Digital Crimes Unit DCU, announced the disruption of Gamarue, a widely distributed malware that has been used in networks of infected computers collectively called the...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2010/12/30 7:48 p.m.10 views

Reports Show the Prevalence of Spam Dropping

A Kaspersky Lab research report for November 2010 showed the amount of email based spam fell 0.06 percent to 76.8 percent from October. The study also showed there was a .47 percent decrease in the prevalence of phishing emails across all mail traffic and a .13 percent decrease in the frequency o...

7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2009/03/16 5:49 p.m.11 views

Jose Nazario on botnets and DDoS defense

Few people in the world know more about the internal workings of botnets, DDoS attacks and defense than Jose Nazario, a senior security researcher at Arbor Networks. Don’t miss his thoughts on why DDoS attacks are more prevalent in some regions than others and how to react if you’re attacked...

3.3AI score
Exploits0
Rows per page
Query Builder