Lucene search
+L
PacketstormnewsRecent

6894 matches found

Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.1 views

Beyond Personalization: Federated Recommendation with Calibration Via Low-Rank Decomposition

Federated recommendation FR is a promising paradigm to protect user privacy in recommender systems. Distinct from general federated scenarios, FR inherently needs to preserve client-specific parameters, i.e., user embeddings, for privacy and personalization. However, we empirically find that...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.8 views

Design Patterns for Securing LLM Agents against Prompt Injections

As AI agents powered by Large Language Models LLMs become increasingly versatile and capable of addressing a broad spectrum of tasks, ensuring their security has become a critical challenge. Among the most pressing threats are prompt injection attacks, which exploit the agent's resilience on...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.5 views

LLMail-Inject: a Dataset from a Realistic Adaptive Prompt Injection Challenge

Indirect Prompt Injection attacks exploit the inherent limitation of Large Language Models LLMs to distinguish between instructions and data in their inputs. Despite numerous defense proposals, the systematic evaluation against adaptive adversaries remains limited, even when successful attacks ca...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.3 views

Generate-Then-Verify: Reconstructing Data from Limited Published Statistics

Whitepaper called Generate-Then-Verify: Reconstructing Data From Limited Published Statistics...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.4 views

TRIDENT -- a Three-Tier Privacy-Preserving Propaganda Detection Model in Mobile Networks Using Transformers, Adversarial Learning, and Differential Privacy

The proliferation of propaganda on mobile platforms raises critical concerns around detection accuracy and user privacy. To address this, we propose TRIDENT - a three-tier propaganda detection model implementing transformers, adversarial learning, and differential privacy which integrates syntact...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.7 views

ELFuzz: Efficient Input Generation Via LLM-Driven Synthesis over Fuzzer Space

Generation-based fuzzing produces appropriate testing cases according to specifications of input grammars and semantic constraints to test systems and software. However, these specifications require significant manual efforts to construct. This paper proposes a new approach, ELFuzz Evolution...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.0 views

Epass: Efficient and Privacy-Preserving Asynchronous Payment on Blockchain

Whitepaper called Epass: Efficient And Privacy-Preserving Asynchronous Payment On Blockchain...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.6 views

GenBreak: Red Teaming Text-To-Image Generators Using Large Language Models

Text-to-image T2I models such as Stable Diffusion have advanced rapidly and are now widely used in content creation. However, these models can be misused to generate harmful content, including nudity or violence, posing significant safety risks. While most platforms employ content moderation...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.1 views

From Concept to Measurement: a Survey of How the Blockchain Trilemma Can Be Analyzed

To meet non-functional requirements, practitioners must identify Pareto-optimal configurations of the degree of decentralization, scalability, and security of blockchain systems. Maximizing all of these subconcepts is, however, impossible due to the trade-offs highlighted by the blockchain...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.2 views

Digital Privacy Everywhere

The increasing proliferation of digital and mobile devices equipped with cameras, microphones, GPS, and other privacy invasive components has raised significant concerns for businesses operating in sensitive or policy restricted environments. Current solutions rely on passive enforcement, such as...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.5 views

Efficient Modular Multiplier over GF (2^M) for ECPM

Elliptic curve cryptography ECC has emerged as the dominant public-key protocol, with NIST standardizing parameters for binary field GF2^m ECC systems. This work presents a hardware implementation of a Hybrid Multiplication technique for modular multiplication over binary field GF2m, targeting NI...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.0 views

Multiverse Privacy Theory for Contextual Risks in Complex User-AI Interactions

In an era of increasing interaction with artificial intelligence AI, users face evolving privacy decisions shaped by complex, uncertain factors. This paper introduces Multiverse Privacy Theory, a novel framework in which each privacy decision spawns a parallel universe, representing a distinct...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.7 views

Learning Obfuscations of LLM Embedding Sequences: Stained Glass Transform

The high cost of ownership of AI compute infrastructure and challenges of robust serving of large language models LLMs has led to a surge in managed Model-as-a-service deployments. Even when enterprises choose on-premises deployments, the compute infrastructure is typically shared across many tea...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.6 views

On the Impossibility of a Perfect Hypervisor

We establish a fundamental impossibility result for a perfect hypervisor', one that 1 preserves every observable behavior of any program exactly as on bare metal and 2 adds zero timing or resource overhead. Within this model we prove two theorems. 1 Indetectability Theorem. If such a hypervisor...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.5 views

Expert-In-The-Loop Systems with Cross-Domain and In-Domain Few-Shot Learning for Software Vulnerability Detection

As cyber threats become more sophisticated, rapid and accurate vulnerability detection is essential for maintaining secure systems. This study explores the use of Large Language Models LLMs in software vulnerability assessment by simulating the identification of Python code with known Common...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.6 views

DiffUMI: Training-Free Universal Model Inversion Via Unconditional Diffusion for Face Recognition

Face recognition technology presents serious privacy risks due to its reliance on sensitive and immutable biometric data. To address these concerns, such systems typically convert raw facial images into embeddings, which are traditionally viewed as privacy-preserving. However, model inversion...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.4 views

Identity and Access Management for the Computing Continuum

The computing continuum introduces new challenges for access control due to its dynamic, distributed, and heterogeneous nature. In this paper, we propose a Zero-Trust ZT access control solution that leverages decentralized identification and authentication mechanisms based on Decentralized...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.8 views

SALAD: Systematic Assessment of Machine Unlearing on LLM-Aided Hardware Design

Large Language Models LLMs offer transformative capabilities for hardware design automation, particularly in Verilog code generation. However, they also pose significant data security challenges, including Verilog evaluation data contamination, intellectual property IP design leakage, and the ris...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.4 views

LLMs Cannot Reliably Judge (Yet?): a Comprehensive Assessment on the Robustness of LLM-As-A-Judge

Large Language Models LLMs have demonstrated remarkable intelligence across various tasks, which has inspired the development and widespread adoption of LLM-as-a-Judge systems for automated model testing, such as red teaming and benchmarking. However, these systems are susceptible to adversarial...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.5 views

Prompt Attacks Reveal Superficial Knowledge Removal in Unlearning Methods

In this work, we show that some machine unlearning methods may fail when subjected to straightforward prompt attacks. We systematically evaluate eight unlearning techniques across three model families, and employ output-based, logit-based, and probe analysis to determine to what extent supposedly...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.5 views

The Rabin Cryptosystem over Number Fields

We extend Rabin's cryptosystem to general number fields. We show that decryption of a random plaintext is as hard as the integer factorisation problem, provided the modulus in our scheme has been chosen carefully. We investigate the performance of our new cryptosystem in comparison with the...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.3 views

Covert Entanglement Generation over Bosonic Channels

Whitepaper called Covert Entanglement Generation Over Bosonic Channels...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.16 views

Securing Open RAN: a Survey of Cryptographic Challenges and Emerging Solutions for 5G

The advent of Open Radio Access Networks O-RAN introduces modularity and flexibility into 5G deployments but also surfaces novel security challenges across disaggregated interfaces. This literature review synthesizes recent research across thirteen academic and industry sources, examining...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.7 views

The Security Overview and Analysis of 3GPP 5G MAC CE

To more effectively control and allocate network resources, MAC CE has been introduced into the network protocol, which is a type of control signaling located in the MAC layer. Since MAC CE lacks encryption and integrity protection mechanisms provided by PDCP, the control signaling carried by MAC...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.4 views

A Comprehensive Survey of Unmanned Aerial Systems' Risks and Mitigation Strategies

In the last decade, the rapid growth of Unmanned Aircraft Systems UAS and Unmanned Aircraft Vehicles UAV in communication, defense, and transportation has increased. The application of UAS will continue to increase rapidly. This has led researchers to examine security vulnerabilities in various...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.5 views

The Everyday Security of Living with Conflict

When cyber' is used as a prefix, attention is typically drawn to the technological and spectacular aspects of war and conflict -- and, by extension, security. We offer a different approach to engaging with and understanding security in such contexts, by foregrounding the everyday -- mundane --...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.5 views

Oracle-Based Multistep Strategy for Solving Polynomial Systems over Finite Fields and Algebraic Cryptanalysis of the Aradi Cipher

The multistep solving strategy consists in a divide-and-conquer approach: when a multivariate polynomial system is computationally infeasible to solve directly, one variable is assigned over the elements of the base finite field, and the procedure is recursively applied to the resulting simplifie...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.1 views

Mapping NVD Records to Their VFCs: How Hard Is It?

Mapping National Vulnerability Database NVD records to vulnerability-fixing commits VFCs is crucial for vulnerability analysis but challenging due to sparse explicit links in NVD references.This study explores this mapping's feasibility through an empirical approach. Manual analysis of NVD...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.11 views

AURA: a Multi-Agent Intelligence Framework for Knowledge-Enhanced Cyber Threat Attribution

Effective attribution of Advanced Persistent Threats APTs increasingly hinges on the ability to correlate behavioral patterns and reason over complex, varied threat intelligence artifacts. We present AURA Attribution Using Retrieval-Augmented Agents, a multi-agent, knowledge-enhanced framework fo...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.5 views

On the Virtues of Information Security in the UK Climate Movement

We report on an ethnographic study with members of the climate movement in the United Kingdom UK. We conducted participant observation and interviews at protests and in various activist settings. Reporting on the findings as they relate to information security, we show that members of the UK...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.6 views

BF-Max: an Efficient Bit Flipping Decoder with Predictable Decoding Failure Rate

The Bit-Flipping BF decoder, thanks to its very low computational complexity, is widely employed in post-quantum cryptographic schemes based on Moderate Density Parity Check codes in which, ultimately, decryption boils down to syndrome decoding. In such a setting, for security concerns, one must...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.6 views

First-Spammed, First-Served: MEV Extraction on Fast-Finality Blockchains

This research analyzes the economics of spam-based arbitrage strategies on fast-finality blockchains. We begin by theoretically demonstrating that, splitting a profitable MEV opportunity into multiple small transactions is the optimal strategy for CEX-DEX arbitrageurs. We then empirically validat...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.8 views

Empirical Quantification of Spurious Correlations in Malware Detection

End-to-end deep learning exhibits unmatched performance for detecting malware, but such an achievement is reached by exploiting spurious correlations -- features with high relevance at inference time, but known to be useless through domain knowledge. While previous work highlighted that deep...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.8 views

Differentially Private Federated $K$-Means Clustering with Server-Side Data

Clustering is a cornerstone of data analysis that is particularly suited to identifying coherent subgroups or substructures in unlabeled data, as are generated continuously in large amounts these days. However, in many cases traditional clustering methods are not applicable, because data are...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.2 views

Effective Red-Teaming of Policy-Adherent Agents

Task-oriented LLM-based agents are increasingly used in domains with strict policies, such as refund eligibility or cancellation rules. The challenge lies in ensuring that the agent consistently adheres to these rules and policies, appropriately refusing any request that would violate them, while...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.2 views

Unconditionally Secure Wireless-Wired Ground-Satellite-Ground Communication Networks Utilizing Classical and Quantum Noise

In this paper, we introduce the Kirchhoff-Law-Johnson-Noise KLJN as an approach to securing satellite communications. KLJN has the potential to revolutionize satellite communication security through its combination of simplicity, cost-effectiveness, and resilience with unconditional security...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/11 12:0 a.m.7 views

Devil'S Hand: Data Poisoning Attacks to Locally Private Graph Learning Protocols

Graph neural networks GNNs have achieved significant success in graph representation learning and have been applied to various domains. However, many real-world graphs contain sensitive personal information, such as user profiles in social networks, raising serious privacy concerns when graph...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/10 12:0 a.m.6 views

Lightweight and High-Throughput Secure Logging for Internet of Things and Cold Cloud Continuum

The growing deployment of resource-limited Internet of Things IoT devices and their expanding attack surfaces demand efficient and scalable security mechanisms. System logs are vital for the trust and auditability of IoT, and offloading their maintenance to a Cold Storage-as-a-Service Cold-STaaS...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/10 12:0 a.m.13 views

WordPress Celestial Aura Theme 2.2 Shell Upload

WordPress Celestial Aura Theme versions 2.2 and below suffer from a remote shell upload vulnerability...

9.9CVSS9AI score0.00532EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2025/06/10 12:0 a.m.5 views

Adversarial Text Generation with Dynamic Contextual Perturbation

Adversarial attacks on Natural Language Processing NLP models expose vulnerabilities by introducing subtle perturbations to input text, often leading to misclassification while maintaining human readability. Existing methods typically focus on word-level or local text segment alterations,...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/10 12:0 a.m.5 views

Evaluation Empirique De La Sécurisation Et De L'Alignement De ChatGPT Et Gemini: Analyse Comparative Des Vulnérabilités Par Expérimentations De Jailbreaks

Large Language models LLMs are transforming digital usage, particularly in text generation, image creation, information retrieval and code development. ChatGPT, launched by OpenAI in November 2022, quickly became a reference, prompting the emergence of competitors such as Google's Gemini. However...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/10 12:0 a.m.5 views

Securing Generative AI Agentic Workflows: Risks, Mitigation, and a Proposed Firewall Architecture

Generative Artificial Intelligence GenAI presents significant advancements but also introduces novel security challenges, particularly within agentic workflows where AI agents operate autonomously. These risks escalate in multi-agent systems due to increased interaction complexity. This paper...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/10 12:0 a.m.5 views

Striking Back at Cobalt: Using Network Traffic Metadata to Detect Cobalt Strike Masquerading Command and Control Channels

Off-the-shelf software for Command and Control is often used by attackers and legitimate pentesters looking for discretion. Among other functionalities, these tools facilitate the customization of their network traffic so it can mimic popular websites, thereby increasing their secrecy. Cobalt...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/10 12:0 a.m.4 views

One Patch to Rule Them All: Transforming Static Patches into Dynamic Attacks in the Physical World

Numerous methods have been proposed to generate physical adversarial patches PAPs against real-world machine learning systems. However, each existing PAP typically supports only a single, fixed attack goal, and switching to a different objective requires re-generating and re-deploying a new PAP...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/10 12:0 a.m.9 views

TimeWak: Temporal Chained-Hashing Watermark for Time Series Data

Synthetic time series generated by diffusion models enable sharing privacy-sensitive datasets, such as patients' functional MRI records. Key criteria for synthetic data include high data utility and traceability to verify the data source. Recent watermarking methods embed in homogeneous latent...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/10 12:0 a.m.7 views

ZTaint-Havoc: from Havoc Mode to Zero-Execution Fuzzing-Driven Taint Inference

Fuzzing is a widely used technique for discovering software vulnerabilities, but identifying hot bytes that influence program behavior remains challenging. Traditional taint analysis can track such bytes white-box, but suffers from scalability issue. Fuzzing-Driven Taint Inference FTI offers a...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/10 12:0 a.m.21 views

Your Agent Can Defend Itself against Backdoor Attacks

Despite their growing adoption across domains, large language model LLM-powered agents face significant security risks from backdoor attacks during training and fine-tuning. These compromised agents can subsequently be manipulated to execute malicious operations when presented with specific...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/10 12:0 a.m.5 views

Do Concept Replacement Techniques Really Erase Unacceptable Concepts?

Generative models, particularly diffusion-based text-to-image T2I models, have demonstrated astounding success. However, aligning them to avoid generating content with unacceptable concepts e.g., offensive or copyrighted content, or celebrity likenesses remains a significant challenge. Concept...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/10 12:0 a.m.6 views

ContextBuddy: AI-Enhanced Contextual Insights for Security Alert Investigation (Applied to Intrusion Detection)

Modern Security Operations Centres SOCs integrate diverse tools, such as SIEM, IDS, and XDR systems, offering rich contextual data, including alert enrichments, flow features, and similar case histories. Yet, analysts must still manually determine which of these contextual cues are most relevant...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/10 12:0 a.m.6 views

Symbolic Generation and Modular Embedding of High-Quality Abc-Triples

We present a symbolic identity for generating integer triples $a, b, c$ satisfying $a + b = c$, inspired by structural features of the \emphabc conjecture. The construction uses powers of $2$ and $3$ in combination with modular inversion in $\mathbbZ/3^p\mathbbZ$, leading to a parametric identity...

6.9AI score
Exploits0
Total number of security vulnerabilities6894