Lucene search
K

103 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Python-Django

A issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. The UserAttributeSimilarityValidator incurred significant overhead when evaluating a submitted password that was artificially large relative to the comparison values. In a situation where access to user...

7.5CVSS7.4AI score0.02397EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.9 views

Bridging the Smart City Cybersecurity Data Gap through AI-Driven Synthetic Dataset Generation

Smart cities rely on interconnected cyber-physical systems that integrate sensors, IoT devices, cloud platforms, and AI-driven services and decision-making. While these systems enhance city services, they also introduce complex cybersecurity challenges due to their large attack surfaces,...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/25 12:0 a.m.11 views

Intelligent Detection and Mitigation of Carpet-Bombing DDoS Attacks in SDN Using Retrieval-Augmented Generation and Large Language Models

Software-Defined Networking SDN provides flexible and programmable network management; however, its centralized control architecture remains highly vulnerable to Distributed Denial-of-Service DDoS attacks, particularly Carpet-Bombing DDoS attacks that distribute malicious traffic across multiple...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/24 12:0 a.m.15 views

SEED: Semi-Supervised Continual MalwarE Detection for Tackling ConcEpt Drift on a BuDget

Machine learning based malware detectors become obsolete over time due to concept drift in benign and malware applications. Recent methods rely on fully labeled data and use hierarchical contrastive loss HCL with active learning to improve robustness against drift by exploiting semantic structure...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/16 12:0 a.m.4 views

Half-Moon Cookie: Private, Similarity-Based Blocklisting with TOCTOU-Attack Resilience

Blocklisting is a common technique for preventing the use of known malicious content. However, conventional blocklisting infrastructures require either the blocklist to be public or clients to reveal their queries to the blocklist server. In this work, we introduce a private blocklisting framewor...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/13 12:0 a.m.5 views

Byte-Level Generative Predictions for Forensics Multimedia Carving

Digital forensic investigations often face significant challenges when recovering fragmented multimedia files that lack file system metadata. While traditional file carving relies on signatures and discriminative deep learning models for fragment classification, these methods cannot reconstruct o...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/13 12:0 a.m.5 views

Towards Automated Pentesting with Large Language Models

Large Language Models LLMs are redefining offensive cybersecurity by allowing the generation of harmful machine code with minimal human intervention. While attackers take advantage of dark LLMs such as XXXGPT and WolfGPT to produce malicious code, ethical hackers can follow similar approaches to...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/10 12:0 a.m.3 views

Multilingual AI-Driven Password Strength Estimation with Similarity-Based Detection

Considering the rise of cyberattacks incidents worldwide, the need to ensure stronger passwords is necessary. Developing a password strength meter PSM can help users create stronger passwords when creating an account on an online platform. This research aimed to explore whether incorporating a...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/25 12:0 a.m.3 views

Predicting Known Vulnerabilities from Attack Descriptions Using Sentence Transformers

Modern infrastructures rely on software systems that remain vulnerable to cyberattacks. These attacks frequently exploit vulnerabilities documented in repositories such as MITRE's Common Vulnerabilities and Exposures CVE. However, Cyber Threat Intelligence resources, including MITRE ATT&CK and CV...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/23 12:0 a.m.6 views

Predicting Known Vulnerabilities from Attack News: A Transformer-Based Approach

Identifying the vulnerabilities exploited during cyberattacks is essential for enabling timely responses and effective mitigation in software security. This paper directly examines the process of predicting software vulnerabilities, specifically Common Vulnerabilities and Exposures CVEs, from...

6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/20 2:8 p.m.17 views

Age verification vendor Persona left frontend exposed, researchers say

Researchers investigating Discord’s age-verification checks say they discovered an exposed frontend belonging to Persona, the identity-verification vendor used by Discord. It revealed a far more expansive surveillance and financial intelligence stack than a simple “teen safety” tool. A short whil...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/17 12:0 a.m.4 views

A Unified Evaluation of Learning-Based Similarity Techniques for Malware Detection

Cryptographic digests e.g., MD5, SHA-256 are designed to provide exact identity. Any single-bit change in the input produces a completely different hash, which is ideal for integrity verification but limits their usefulness in many real-world tasks like threat hunting, malware analysis and digita...

5.7AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/01/29 9:20 p.m.5 views

Turning threat reports into detection insights with AI

Security teams routinely need to transform unstructured threat knowledge, such as incident narratives, red team breach-path writeups, threat actor profiles, and public reports into concrete defensive action. The early stages of that work are often the slowest. These include extracting tactics,...

5.7AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/01/29 9:20 p.m.8 views

Turning threat reports into detection insights with AI

Security teams routinely need to transform unstructured threat knowledge, such as incident narratives, red team breach-path writeups, threat actor profiles, and public reports into concrete defensive action. The early stages of that work are often the slowest. These include extracting tactics,...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/27 12:0 a.m.6 views

LLM-Assisted Authentication and Fraud Detection

User authentication and fraud detection face growing challenges as digital systems expand and adversaries adopt increasingly sophisticated tactics. Traditional knowledge-based authentication remains rigid, requiring exact word-for-word string matches that fail to accommodate natural human memory...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/16 12:0 a.m.3 views

SimFuzz: Similarity-Guided Block-Level Mutation for RISC-V Processor Fuzzing

The Instruction Set Architecture ISA defines processor operations and serves as the interface between hardware and software. As an open ISA, RISC-V lowers the barriers to processor design and encourages widespread adoption, but also exposes processors to security risks such as functional bugs...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/10 12:0 a.m.15 views

S-DAPT-2026: A Stage-Aware Synthetic Dataset for Advanced Persistent Threat Detection

The detection of advanced persistent threats APTs remains a crucial challenge due to their stealthy, multistage nature and the limited availability of realistic, labeled datasets for systematic evaluation. Synthetic dataset generation has emerged as a practical approach for modeling APT campaigns...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/19 12:0 a.m.2 views

New Exam Security Questions in the AI Era: Comparing AI-Generated Item Similarity between Naive and Detail-Guided Prompting Approaches

Large language models LLMs have emerged as powerful tools for generating domain-specific multiple-choice questions MCQs, offering efficiency gains for certification boards but raising new concerns about examination security. This study investigated whether LLM-generated items created with...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/11 1:16 p.m.22 views

NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems

Cybersecurity researchers have disclosed details of a new fully-featured Windows backdoor called NANOREMOTE that uses the Google Drive API for command-and-control C2 purposes. According to a report from Elastic Security Labs, the malware shares code similarities with another implant codenamed...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/11/02 12:0 a.m.4 views

A Large Scale Study of AI-Based Binary Function Similarity Detection Techniques for Security Researchers and Practitioners

Binary Function Similarity Detection BFSD is a foundational technique in software security, underpinning a wide range of applications including vulnerability detection, malware analysis. Recent advances in AI-based BFSD tools have led to significant performance improvements. However, existing...

6.9AI score
Exploits0
Rows per page
Query Builder