Lucene search
K

447 matches found

Packet Storm News
Packet Storm News
added 2026/02/13 12:0 a.m.3 views

Backdoor Attacks on Contrastive Continual Learning for IoT Systems

The Internet of Things IoT systems increasingly depend on continual learning to adapt to non-stationary environments. These environments can include factors such as sensor drift, changing user behavior, device aging, and adversarial dynamics. Contrastive continual learning CCL combines contrastiv...

5.6AI score
Exploits0
GithubExploit
GithubExploit
added 2026/02/12 10:55 p.m.220 views

Exploit for Incorrect Authorization in Qualcomm Aqt1000_Firmware

exploit my rework runnigga go fuck yourself scriptkid. this o...

8.6CVSS5.6AI score0.00665EPSS
Exploits3
Packet Storm News
Packet Storm News
added 2026/02/03 12:0 a.m.7 views

Reading between the Code Lines: On the Use of Self-Admitted Technical Debt for Security Analysis

Static Analysis Tools SATs are central to security engineering activities, as they enable early identification of code weaknesses without requiring execution. However, their effectiveness is often limited by high false-positive rates and incomplete coverage of vulnerability classes. At the same...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/29 12:0 a.m.15 views

osTicket 1.18.3 Intelligence and Security Analysis Module

This Metasploit auxiliary module is designed for intelligence gathering, security analysis, and vulnerability discovery in osTicket installations. It performs passive and active reconnaissance without direct exploitation and stores results in the Metasploit database for reporting...

8.7CVSS5.9AI score0.8833EPSS
Exploits18
GithubExploit
GithubExploit
added 2026/01/24 3:2 p.m.153 views

XSS-Security-Analysis-HW8

No d...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/20 12:0 a.m.4 views

An Empirical Study on Remote Code Execution in Machine Learning Model Hosting Ecosystems

Model-sharing platforms, such as Hugging Face, ModelScope, and OpenCSG, have become central to modern machine learning development, enabling developers to share, load, and fine-tune pre-trained models with minimal effort. However, the flexibility of these ecosystems introduces a critical security...

6.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/20 12:0 a.m.5 views

LLM Security and Safety: Insights from Homotopy-Inspired Prompt Obfuscation

In this study, we propose a homotopy-inspired prompt obfuscation framework to enhance understanding of security and safety vulnerabilities in Large Language Models LLMs. By systematically applying carefully engineered prompts, we demonstrate how latent model behaviors can be influenced in...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/19 12:0 a.m.5 views

Post-Quantum Secure Aggregation Via Code-Based Homomorphic Encryption

Secure aggregation enables aggregation of inputs from multiple parties without revealing individual contributions to the server or other clients. Existing post-quantum approaches based on homomorphic encryption offer practical efficiency but predominantly rely on lattice-based hardness assumption...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/11 12:0 a.m.5 views

Operational Runtime Behavior Mining for Open-Source Supply Chain Security

Open-source software OSS is a critical component of modern software systems, yet supply chain security remains challenging in practice due to unavailable or obfuscated source code. Consequently, security teams often rely on runtime observations collected from sandboxed executions to investigate...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/10 10:1 a.m.8 views

Malicious code in mui7 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 229ec4207198813ec81b334b0a5ac72c964258b80165cda21a1c25564819ad83 The package mui7 was found to contain malicious code. Source: ghsa-malware 81251ad548d890c9ade683aab8ffd6fb9d307a5e8bf6359d3b31f91080d26e8e Any...

7AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/01/09 10:29 p.m.14 views

Fickling vulnerable to detection bypass due to "builtins" blindness

Fickling's assessment Fickling started emitting AST nodes for builtins imports in order to match them during analysis https://github.com/trailofbits/fickling/commit/9f309ab834797f280cb5143a2f6f987579fa7cdf. Original report Summary Fickling works by Pickle bytecode -- AST -- Security analysis...

9.3CVSS7.5AI score0.00264EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/01/09 10:29 p.m.3 views

GHSA-H4RM-MM56-XF63 Fickling vulnerable to detection bypass due to "builtins" blindness

Fickling's assessment Fickling started emitting AST nodes for builtins imports in order to match them during analysis https://github.com/trailofbits/fickling/commit/9f309ab834797f280cb5143a2f6f987579fa7cdf. Original report Summary Fickling works by Pickle bytecode -- AST -- Security analysis...

9.3CVSS6.1AI score0.00264EPSS
Exploits0References7
Packet Storm News
Packet Storm News
added 2026/01/04 12:0 a.m.4 views

Exposing Hidden Interfaces: LLM-Guided Type Inference for Reverse Engineering MacOS Private Frameworks

Private macOS frameworks underpin critical services and daemons but remain undocumented and distributed only as stripped binaries, complicating security analysis. We present MOTIF, an agentic framework that integrates tool-augmented analysis with a finetuned large language model specialized for...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/01 12:0 a.m.3 views

From Consensus to Chaos: A Vulnerability Assessment of the RAFT Algorithm

In recent decades, the RAFT distributed consensus algorithm has become a main pillar of the distributed systems ecosystem, ensuring data consistency and fault tolerance across multiple nodes. Although the fact that RAFT is well known for its simplicity, reliability, and efficiency, its security...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/31 12:0 a.m.9 views

CellSecInspector: Safeguarding Cellular Networks Via Automated Security Analysis on Specifications

The complexity, interdependence, and rapid evolution of 3GPP specifications present fundamental challenges for ensuring the security of modern cellular networks. Manual reviews and existing automated approaches, which often depend on rule-based parsing or small sets of manually crafted security...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/25 12:0 a.m.6 views

Analyzing Code Injection Attacks on LLM-Based Multi-Agent Systems in Software Development

Agentic AI and Multi-Agent Systems are poised to dominate industry and society imminently. Powered by goal-driven autonomy, they represent a powerful form of generative AI, marking a transition from reactive content generation into proactive multitasking capabilities. As an exemplar, we propose a...

7.5AI score
Exploits0
OSV
OSV
added 2025/12/19 8:30 p.m.3 views

MAL-2025-192677 Malicious code in shakti20261 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a217c3c91ff80edbc760c82358d7d22c5819f0110ccf221e4d3639eb22e08ac7 The package shakti20261 was found to contain malicious code. Source: ghsa-malware e75357912e9e470657d646a2fd23a82c2f23cd2a6d0a987fb5b880eb8fa4c731 An...

6.8AI score
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/12/03 12:0 a.m.6 views

Primitive Vector Cipher(PVC): A Hybrid Encryption Scheme Based on the Vector Computational Diffie-Hellman (V-CDH) Problem

This work introduces the Primitive Vector Cipher PVC, a novel hybrid encryption scheme integrating matrix-based cryptography with advanced Diffie-Hellman key exchange. PVC's security is grounded on the established hardness of the Vector Computational Diffie- Hellman V-CDH problem. The two-layered...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/03 12:0 a.m.212 views

📄 Microsoft Windows 11 Build 10.0.22631.6199 Advanced Admin Protection Bypass

This enhanced proof of concept exploit demonstrates an advanced method for bypassing Windows Administrator Protection by manipulating registry hives using both WinAPI and NTAPI. The code implements safe smart‑pointer wrappers for handles, secure SID management, deep registry enumeration, privileg...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/01 12:0 a.m.1 views

An Introductory Review of the Theory of Continuous-Variable Quantum Key Distribution: Fundamentals, Protocols, and Security

Continuous-variable quantum key distribution CV-QKD has emerged as a promising approach for secure quantum communication, offering advantages such as high key generation rates, compatibility with standard telecommunication infrastructure, and potential for integration on photonic chips. This revi...

6.8AI score
Exploits0
Rows per page
Query Builder