Lucene search
K

16 matches found

Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.61 views

Sparse Autoencoders Are Capable LLM Jailbreak Mitigators

Jailbreak attacks remain a persistent threat to large language model safety. We propose Context-Conditioned Delta Steering CC-Delta, an SAE-based defense that identifies jailbreak-relevant sparse features by comparing token-level representations of the same harmful request with and without...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/08 12:0 a.m.5 views

Security-Robustness Trade-Offs in Diffusion Steganography: A Comparative Analysis of Pixel-Space and VAE-Based Architectures

Current generative steganography research mainly pursues computationally expensive mappings to perfect Gaussian priors within single diffusion model architectures. This work introduces an efficient framework based on approximate Gaussian mapping governed by a scale factor calibrated through...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/23 12:0 a.m.5 views

Centralized Vs. Decentralized Security for Space AI Systems? A New Look

This paper investigates the trade-off between centralized and decentralized security management in constellations of satellites to balance security and performance. We highlight three key AI architectures for automated security management: a centralized, b distributed and c federated. The...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/18 12:0 a.m.3 views

Quantum Blockchain Survey: Foundations, Trends, and Gaps

Quantum computing poses fundamental risks to classical blockchain systems by undermining widely used cryptographic primitives. In response, two major research directions have emerged: post-quantum blockchains, which integrate quantum-resistant algorithms, and quantum blockchains, which leverage...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/12 12:0 a.m.3 views

Implementing and Evaluating Post-Quantum DNSSEC in CoreDNS

The emergence of quantum computers poses a significant threat to current secure service, application and/or protocol implementations that rely on RSA and ECDSA algorithms, for instance DNSSEC, because public-key cryptography based on number factorization or discrete logarithm is vulnerable to...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/24 12:0 a.m.3 views

SoK: Can Synthetic Images Replace Real Data? A Survey of Utility and Privacy of Synthetic Image Generation

Advances in generative models have transformed the field of synthetic image generation for privacy-preserving data synthesis PPDS. However, the field lacks a comprehensive survey and comparison of synthetic image generation methods across diverse settings. In particular, when we generate syntheti...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/31 12:0 a.m.5 views

Scaling DeFi with ZK Rollups: Design, Deployment, and Evaluation of a Real-Time Proof-Of-Concept

Ethereum's scalability limitations pose significant challenges for the adoption of decentralized applications dApps. Zero-Knowledge Rollups ZK Rollups present a promising solution, bundling transactions off-chain and submitting validity proofs on-chain to enhance throughput and efficiency. In thi...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/12 12:0 a.m.2 views

Fair Play for Individuals, Foul Play for Groups? Auditing Anonymization'S Impact on ML Fairness

Machine learning ML algorithms are heavily based on the availability of training data, which, depending on the domain, often includes sensitive information about data providers. This raises critical privacy concerns. Anonymization techniques have emerged as a practical solution to address these...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/22 12:0 a.m.5 views

How Private Is Your Attention? Bridging Privacy with In-Context Learning

In-context learning ICL-the ability of transformer-based models to perform new tasks from examples provided at inference time-has emerged as a hallmark of modern language models. While recent works have investigated the mechanisms underlying ICL, its feasibility under formal privacy constraints...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/18 12:0 a.m.1 views

Benchmarking Differentially Private Tabular Data Synthesis

Differentially private DP tabular data synthesis generates artificial data that preserves the statistical properties of private data while safeguarding individual privacy. The emergence of diverse algorithms in recent years has introduced challenges in practical applications, such as inconsistent...

6.9AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/08/22 12:0 a.m.14 views

Tackling the OAuth2 Client component model in Spring Security

In Spring Security 5, we saw many developments in the OAuth2 story with the introduction of OAuth2 Resource Server and OAuth2 Client into the framework. Today, it is quite convenient to develop applications that are secured by OAuth2 using the features available in OAuth2 Resource Server...

6.9AI score
Exploits0
GithubExploit
GithubExploit
added 2021/12/14 9:47 p.m.301 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4j-remediation-tools Tools for finding and reproducing...

10CVSS9.5AI score0.99999EPSS
Exploits349
NVD
NVD
added 2020/07/10 9:15 p.m.13 views

CVE-2020-15105

Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session base64-encoded. The password is stored in the session when the user submits their username and password, and is removed once they complete authentication by entering a two-factor...

5.4CVSS0.00579EPSS
Exploits0References3
OSV
OSV
added 2020/07/10 9:15 p.m.22 views

PYSEC-2020-39

Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session base64-encoded. The password is stored in the session when the user submits their username and password, and is removed once they complete authentication by entering a two-factor...

5.4CVSS1.8AI score0.00579EPSS
Exploits0References3
CVE
CVE
added 2020/07/10 8:55 p.m.110 views

CVE-2020-15105

Django Two-Factor Authentication (django-two-factor-auth) vulnerability CVE-2020-15105 affects versions up to 1.11. It stores the user’s password in clear text (base64-encoded) in the user session after the user submits credentials, until authentication completes via a 2FA code. Depending on sess...

5.4CVSS5.8AI score0.00579EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2020/07/10 8:55 p.m.74 views

User passwords are stored in clear text in the Django session

Impact django-two-factor-auth versions 1.11 and before store the user's password in clear text in the user session base64-encoded. The password is stored in the session when the user submits their username and password, and is removed once they complete authentication by entering a two-factor...

5.4CVSS0.8AI score0.00579EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder