Lucene search
K
PacketstormnewsRecent

6803 matches found

Packet Storm News
Packet Storm News
•added 2026/06/10 12:0 a.m.•9 views

A Robust Framework for Sybil Attack Detection in Vehicular Ad Hoc Networks

Sybil attacks create an illusion of traffic congestion by utilizing fake identities, which undermines the reliable and safe operation of vehicular ad hoc networks VANETs. Existing detection mechanisms struggle to effectively handle Sybil attacks as they are i susceptible to high false positive...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/10 12:0 a.m.•8 views

Android Wireless ADB Wireless Port Checker

This is some simple C code to scan for an open Android Wireless ADB port on tcp/5555...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/10 12:0 a.m.•10 views

ACPM Transfer Validation and Stress Testing Proof of Concept

This C program is a controlled stress-testing proof of concept designed to evaluate robustness, parameter validation, and stability of the acpmdoxfer interface under repeated high-volume calls and intentionally oversized transfer descriptors...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/10 12:0 a.m.•10 views

ACPM Multithreaded Minimal Transfer Stress Tester

This C program is a lightweight multi-threaded stress test designed to evaluate concurrent behavior of the acpmdoxfer interface under repeated small-size transfer operations across multiple threads sharing the same ACPM handle...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/10 12:0 a.m.•9 views

On-Chip Quantum Randomness Amplification

Randomness amplification, the task of extracting uniform private bits from biased seeds that may be partly known by a malicious third party, is of central importance in cryptography. The highest security in this task is provided by a class of quantum protocols known as device-independent, which...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/10 12:0 a.m.•9 views

CLDAP Analyzer with ASN.1 BER Encoding and Basic TLV Response Parser

This Python script implements a CLDAP Connectionless LDAP analyzer that builds and sends LDAP CLDAP discovery requests and parses responses using ASN.1 BER encoding and a basic TLV parser. It constructs a structured LDAP search request including DnsDomain, User, and NtVer filters, sends it over U...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/10 12:0 a.m.•11 views

PI-Hunter: Automated Red-Teaming for Exposing and Localizing Prompt Injections

Large Language Models LLMs are rapidly evolving into agentic systems that interact with external tools and environments, introducing new security risks such as indirect prompt injection attacks through untrusted external sources. Existing defenses mainly focus on blocking malicious content at...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/10 12:0 a.m.•13 views

Systematic Cybersecurity Risk Analysis of European Rail Traffic Management System

European Rail Traffic Management System ERTMS is a widely adopted standard unifying train management in the EU. While the standard allows for use cases like fully autonomous driving, cybersecurity has been an afterthought. Risk analysis enables the systematic assessment and prioritization of...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/10 12:0 a.m.•16 views

InjectV: Modeling Fault Injection Attacks in RISC-V Simulation Environment

Fault Injection Attacks FIAs are a significant threat to hardware security, capable of compromising systems by inducing malicious faults in computation or storage. Evaluating resilience against such attacks is challenging due to the high cost, complexity, and limited availability of physical faul...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•20 views

RAT: Reference-Augmented Training for ASV Anti-Spoofing

We introduce a spoofing countermeasure architecture conditioned on speaker-reference recordings, but observe that it converges to a solution that effectively ignores the reference during inference. Surprisingly, training with a reference channel induces invariance that improves deepfake detection...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•8 views

phpVMS 7.0.5 Security Exposure Scanner

This script is a non-destructive security scanner designed to assess phpVMS installations by performing read-only HTTP requests. It fingerprints targets using known phpVMS-related signatures and checks for the presence and accessibility of common importer and administration endpoints...

9.4CVSS5.4AI score0.01173EPSS
Exploits1
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•10 views

Space Fabric: A Satellite-Enhanced Trusted Execution Architecture

The emergence of decentralized satellite networks and orbital computing platforms creates a pressing need for trust architectures that can operate without physical access to the hardware, without reliance on pre-provisioned vendor secrets, and without dependence on a single manufacturer's...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•9 views

FreeBSD Security Advisory - FreeBSD-SA-26:27.sound

FreeBSD Security Advisory - The sound4 driver contained two memory-safety errors in its mmap2 support. First, dspmmapsingle validated the requested mapping by checking the sum of the user-supplied offset and length against the buffer size. This addition could overflow, so that a large offset and...

5.7AI score0.00149EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•11 views

FreeBSD Security Advisory - FreeBSD-SA-26:34.vt

FreeBSD Security Advisory - The CONSHISTORY ioctl handler did not adequately validate the requested history size. A large value caused an integer overflow in the buffer size calculation, resulting in a heap allocation smaller than expected. Subsequent initialization of the buffer wrote beyond the...

5.7AI score0.00107EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•8 views

When Discovery Outpaces Remediation: Modeling AI-Accelerated Vulnerability Discovery in Interconnected Systems

Advanced AI systems for code analysis, binary analysis, fuzzing orchestration, and penetration-test planningmay significantly increase the rate at which latent vulnerabilities are discovered. While improved discovery can benefit defenders, it can also overload remediation pipelines and accelerate...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•8 views

FreeBSD Security Advisory - FreeBSD-SA-26:28.capsicum

FreeBSD Security Advisory - sigqueue2 was marked as permitted in capability mode with the introduction of Capsicum in 2011, but the implementation of kernsigqueue did not include a capability mode check restricting signal delivery to the calling process's own PID...

5.5AI score0.00092EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•10 views

TIFF/DNG Metadata Scanner for Structural Validation and Suspicious Tag Detection

This C program implements a lightweight metadata scanner for TIFF-based DNG files that performs basic structural validation and heuristic analysis of Image File Directory IFD entries. The tool reads TIFF headers, enumerates metadata tags, and evaluates entries against simple consistency rules to...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•15 views

Hiding the Trees in the Forest: Building Network Covert Channels with Hash-Based Covert Carrier Filtering

As an effective anti-censorship mechanism, network covert channels can provide data privacy protection and ensure communication security. However, the covertness of existing network covert channels primarily depends on the secrecy of their covert algorithms. With the increasing depth of research ...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•10 views

Synthetic TIFF Corpus Generator for Parser Validation and Boundary Condition Testing

This Python script generates a small corpus of synthetic TIFF-like files designed for validating parser behavior across different image dimension scenarios...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•14 views

Context-Based Adversarial Attacks on AI Code Generators: Vulnerability Analysis and Implications

AI-powered code generation systems have transformed software development but introduce critical inference-time security vulnerabilities. This research presents a systematic investigation of context-based adversarial attacks, where strategically crafted contextual inputs, including comments,...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•16 views

On the Study of Biometric Spoofing Detection Using Deep Learning

Biometric systems are increasingly deployed in security applications; however, they remain vulnerable to spoofing attacks, in which attackers exploit counterfeit biometric data to gain unauthorized access. This research evaluates the effectiveness of state-of-the-art machine learning models,...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•12 views

AI Researchers Must Help Lead Arms Control to Mitigate Military AI Risks

The advancement of AI capabilities compels researchers and the public to be more aware of its potential worldwide impact. A pressing near-term concern is the regulation of military AI applications. Armament manufacturers and defense contractors are increasingly investing in AI capabilities and...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•56 views

FROST: Fingerprinting Remotely Using OPFS-based SSD Timing

Prior work showed that variations in SSD access time can be used to leak information about user activity, e.g., the websites a user accesses, and for covert data transmission. To achieve this, SSD contention side channels require accurate high-resolution timing measurements of I/O operations, e.g...

6.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•12 views

OpenSSL Toolkit 4.0.1

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 4.0 release...

9.8CVSS5.4AI score0.02719EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•10 views

MemVenom: Triggered Poisoning of Multimodal Memories in Web Agents

External memory has become a core component of modern web agents, enabling long-horizon reasoning through the retrieval of past experiences. However, this paradigm introduces a critical vulnerability: malicious content injected into memory can be persistently recalled and repeatedly influence age...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•23 views

FreeBSD Security Advisory - FreeBSD-SA-26:26.ktls

FreeBSD Security Advisory - The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assumption does not hold for data placed on a socket by sendfile2, which can reference file-backed memory directly through...

5.5AI score0.00154EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•55 views

Samba Print Exposure Auditor

This is an exposure assessment tool designed to evaluate whether a Samba print service exposes printer-related RPC functionality to anonymous users through the spoolss endpoint...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•9 views

FreeBSD Security Advisory - FreeBSD-SA-26:32.elf

FreeBSD Security Advisory - The ELF image activator cleared per-process ASLR preference flags for setuid binaries after the code that computes the PIE base address, rather than before. As a result, a user-requested ASLR disable was still in effect at the point where the base address was chosen...

5.5AI score0.00106EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•11 views

FreeBSD Security Advisory - FreeBSD-SA-26:30.linux

FreeBSD Security Advisory - The Linuxulator determined whether a binary was set-user-ID or set-group-ID by checking the PSUGID process flag. During execve2, this flag is not yet set at the point where the auxiliary vector is constructed, so ATSECURE was incorrectly set to zero for set-user-ID and...

5.5AI score0.00098EPSS
Exploits1
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•17 views

FreeBSD Security Advisory - FreeBSD-SA-26:25.thr

FreeBSD Security Advisory - When used to deliver a signal to a specific thread, thrkill22 called pcansignal to determine whether the operation was permitted but did not check the result before delivering the signal. The signal was sent even when the permission check failed. The system call return...

5.4AI score0.00092EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•18 views

Securing Code Understanding: Detecting Natural Backdoor Vulnerability in Code Language Models

Code Language Models CodeLMs have become integral to software engineering, significantly advancing code intelligence tasks. However, their widespread adoption has raised critical security concerns, particularly regarding susceptibility to backdoor attacks. Recent studies have uncovered naturally...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•10 views

FreeBSD Security Advisory - FreeBSD-SA-26:29.ip6_multicast

FreeBSD Security Advisory - The kernel handler for IPV6MSFILTER dropped a serializing lock in order to copy the source-filter list from userspace, then reacquired the lock. During this window another thread could free the multicast filter structure, leaving the handler with a stale pointer to fre...

5.5AI score0.00104EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•23 views

WordPress Contest Gallery Scanner

This Python script is a assessment tool designed to evaluate potential exposure of a WordPress Contest Gallery AJAX workflow by observing response differences from benign probe requests...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•8 views

FreeBSD Security Advisory - FreeBSD-SA-26:33.unbound

FreeBSD Security Advisory - Multiple vulnerabilities have been reported in Unbound...

10CVSS5.5AI score0.01272EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•10 views

A Bayesian Network Approach for Enhancing Security-Focused Decision Support Systems

The adoption and integration of heterogeneous stacks in most of today's open-source based networks brings clear benefits like interoperability and availability of advanced features. Yet, on the other hand the increasing number of interconnecting components and moving parts requires maintaining an...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•23 views

OpenSSL Security Advisory 20260609

OpenSSL is susceptible to multiple security vulnerabilities. A specially crafted PKCS7 or S/MIME signed message could trigger a use-after-free during PKCS7 signature verification. The Cryptographic Message Services CMS processing fails to perform sufficient input validation on the cipher and tag...

9.8CVSS5.5AI score0.02719EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•11 views

OpenSSL Toolkit 3.6.3

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.6 release...

9.8CVSS5.4AI score0.02719EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•7 views

FreeBSD Security Advisory - FreeBSD-SA-26:36.ldns

FreeBSD Security Advisory - When used as a stub resolver over UDP, ldns failed to verify that a received response belonged to the outstanding query. It did not check that the response source address and port matched the query destination, that the transaction ID matched, or that the question...

8.2CVSS5.4AI score0.00147EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•12 views

Evaluating and Combating the Impact of Concept Drift on the Performance of Machine Learning-Based Phishing Detection Systems

The expansion of the digital domain has resulted in a substantial increase in digital communication, with email emerging as one of the most prominent channels. The proliferation of email communication is apparent in both professional and personal contexts, thereby creating numerous vulnerabilitie...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•9 views

Layer Order Semantics for Automata-Based Cybersecurity

Layered cybersecurity pipelines transform evidence before they decide on it, and the order of those transformations determines which security facts become visible to which layer. This paper gives layer order a finite-state semantics built from a layer-order automaton, deterministic sequential...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•9 views

FreeBSD Security Advisory - FreeBSD-SA-26:35.openssl

FreeBSD Security Advisory - Multiple issues have been reported as part of this advisory with different issues affecting different OpenSSL versions and therefore different FreeBSD versions...

8.1CVSS5.4AI score0.00513EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•10 views

FreeBSD Security Advisory - FreeBSD-SA-26:31.arm64

FreeBSD Security Advisory - Some Arm CPUs have errata where the ordering of stores and the TLBI+DSB sequence may be incorrect. If one CPU stores to a virtual address while another CPU invalidates the translation for that address, the second CPU's TLBI+DSB may complete before the first CPU's store...

9.1CVSS5.4AI score0.0053EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•8 views

Certification of Network Quantum Sensing

The distribution of quantum sensors on quantum networks is a key enabler of quantum technologies in interferometry, gravimetry, timekeeping, biological monitoring, and beyond. Yet, guaranteeing the security of these distributed sensors over noisy, insecure networks remains a formidable challenge...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•11 views

Assessing Automated Prompt Injection Attacks in Agentic Environments

Indirect prompt injection poses a critical threat to LLM agents that interact with untrusted external data, yet automated attack methods--proven effective for jailbreaking--remain underexplored in realistic agentic settings. We present a comprehensive empirical evaluation of automated prompt...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/09 12:0 a.m.•9 views

Toward Secure LLM Agents: Threat Surfaces, Attacks, Defenses, and Evaluation

Large language model LLM agents are rapidly moving from conversational interfaces to software components that plan, invoke tools, maintain memory, and act on external environments. This transition changes the nature of security risk. In agentic settings, failures are no longer limited to unsafe...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•10 views

State of Agentic AI Security and Governance

An OWASP white paper analyzing the security, governance, and risk management considerations surrounding agentic AI systems, including autonomous decision-making, tool access, prompt injection, data protection, and organizational oversight. This is version 2.01...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•9 views

Security-First Approach to API Pipeline Development with Zero-Trust Architecture

Modern enterprises face an accelerating onslaught of API-targeted threats amid a rapidly expanding attack surface. Record volumes of software vulnerabilities continue to accelerate dramatically, with 28,818 CVEs disclosed in 2023 a 38% jump from 2022 and 40,009 CVEs in 2024 another 38% increase,...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•10 views

Windows 11 Hardening Auditor for WinRE and BitLocker

This Python-based Windows security utility performs defensive auditing and mitigation tasks focused on Windows Recovery Environment WinRE and CVE-2026-45585, BitLocker protection policies, Secure Boot, TPM configuration, and boot-time execution integrity on Windows 11 systems...

6.8CVSS6.1AI score0.01249EPSS
Exploits2
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•12 views

Windows Notepad Markdown Link Exposure Test

This Metasploit auxiliary module is a non-exploit, safety-focused research tool designed to generate a Markdown file for analyzing how Windows Notepad handles external links. It creates a controlled test document containing a user-defined URL and stores it locally for inspection...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•9 views

Secure WebSocket Upgrade Handler Auditor for HTTP/HTTPS Services

This Python tool implements a concurrent network auditing framework focused on testing HTTP Upgrade handling behavior, especially WebSocket upgrade negotiation. It connects directly to target servers over TCP or TLS, sends crafted upgrade requests, parses raw HTTP responses, and reports whether t...

5.5AI score
Exploits0
Total number of security vulnerabilities6803