Lucene search
+L
PacketstormnewsRecent

6907 matches found

Packet Storm News
Packet Storm News
•added 2025/05/25 12:0 a.m.•10 views

Evaluating Query Efficiency and Accuracy of Transfer Learning-Based Model Extraction Attack in Federated Learning

Federated Learning FL is a collaborative learning framework designed to protect client data, yet it remains highly vulnerable to Intellectual Property IP threats. Model extraction ME attacks pose a significant risk to Machine Learning as a Service MLaaS platforms, enabling attackers to replicate...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/25 12:0 a.m.•9 views

A Systematic Classification of Vulnerabilities in MoveEVM Smart Contracts (MWC)

We introduce the MoveEVM Weakness Classification MWC system -- a dedicated vulnerability taxonomy for smart contracts built with Move and executed in EVM-compatible environments. While Move was originally designed to prevent common security flaws via linear resource types and strict ownership, it...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/25 12:0 a.m.•3 views

An Empirical Study of JavaScript Inclusion Security Issues in Chrome Extensions

JavaScript, a scripting language employed to augment the capabilities of web browsers within web pages or browser extensions, utilizes code segments termed JavaScript inclusions. While the security aspects of JavaScript inclusions in web pages have undergone substantial scrutiny, a thorough...

7.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/24 12:0 a.m.•6 views

LAMDA: a Longitudinal Android Malware Benchmark for Concept Drift Analysis

Machine learning ML-based malware detection systems often fail to account for the dynamic nature of real-world training and test data distributions. In practice, these distributions evolve due to frequent changes in the Android ecosystem, adversarial development of new malware families, and the...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/24 12:0 a.m.•9 views

Understanding the Relationship between Personal Data Privacy Literacy and Data Privacy Information Sharing by University Students

With constant threats to the safety of personal data in the United States, privacy literacy has become an increasingly important competency among university students, one that ties intimately to the information sharing behavior of these students. This survey based study examines how university...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/24 12:0 a.m.•5 views

Securing Credit Inquiries: the Role of Real-Time User Approval in Preventing SSN Identity Theft

Unauthorized credit inquiries are also a central entry point for identity theft, with Social Security Numbers SSNs being widely utilized in fraudulent cases. Traditional credit inquiry systems do not usually possess strict user authentication, making them vulnerable to unauthorized access. This...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/24 12:0 a.m.•6 views

Zero Trust Cybersecurity: Procedures and Considerations in Context

In response to the increasing complexity and sophistication of cyber threats, particularly those enhanced by advancements in artificial intelligence, traditional security methods are proving insufficient. This paper explores the Zero Trust cybersecurity framework, which operates on the principle ...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/24 12:0 a.m.•8 views

Mal-D2GAN: Double-Detector Based GAN for Malware Generation

Machine learning ML has been developed to detect malware in recent years. Most researchers focused their efforts on improving the detection performance but ignored the robustness of the ML models. In addition, many machine learning algorithms are very vulnerable to intentional attacks. To solve...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/24 12:0 a.m.•3 views

ARMS: a Vision for Actor Reputation Metric Systems in the Open-Source Software Supply Chain

Many critical information technology and cyber-physical systems rely on a supply chain of open-source software projects. OSS project maintainers often integrate contributions from external actors. While maintainers can assess the correctness of a change request, assessing a change request's...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/24 12:0 a.m.•5 views

Co-PatcheR: Collaborative Software Patching with Component(S)-Specific Small Reasoning Models

Motivated by the success of general-purpose large language models LLMs in software patching, recent works started to train specialized patching models. Most works trained one model to handle the end-to-end patching pipeline including issue localization, patch generation, and patch validation...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/24 12:0 a.m.•6 views

Strong Membership Inference Attacks on Massive Datasets and (Moderately) Large Language Models

State-of-the-art membership inference attacks MIAs typically require training many reference models, making it difficult to scale these attacks to large pre-trained language models LLMs. As a result, prior research has either relied on weaker attacks that avoid training reference models e.g.,...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/24 12:0 a.m.•7 views

A Study of Semi-Fungible Token Based Wi-Fi Access Control

Current Wi-Fi authentication methods face issues such as insufficient security, user privacy leakage, high management costs, and difficulty in billing. To address these challenges, a Wi-Fi access control solution based on blockchain smart contracts is proposed. Firstly, semi-fungible Wi-Fi tokens...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/24 12:0 a.m.•5 views

Anonymity-Washing

Anonymization is a foundational principle of data privacy regulation, yet its practical application remains riddled with ambiguity and inconsistency. This paper introduces the concept of anonymity-washing -- the misrepresentation of the anonymity level of sanitized'' personal data -- as a critica...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/24 12:0 a.m.•6 views

Adapting Novelty Towards Generating Antigens for Antivirus Systems

It is well known that anti-malware scanners depend on malware signatures to identify malware. However, even minor modifications to malware code structure results in a change in the malware signature thus enabling the variant to evade detection by scanners. Therefore, there exists the need for a...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/24 12:0 a.m.•24 views

MLRan: a Behavioural Dataset for Ransomware Analysis and Detection

Ransomware remains a critical threat to cybersecurity, yet publicly available datasets for training machine learning-based ransomware detection models are scarce and often have limited sample size, diversity, and reproducibility. In this paper, we introduce MLRan, a behavioural ransomware dataset...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/24 12:0 a.m.•6 views

$PD^3F$: a Pluggable and Dynamic DoS-Defense Framework against Resource Consumption Attacks Targeting Large Language Models

Large Language Models LLMs, due to substantial computational requirements, are vulnerable to resource consumption attacks, which can severely degrade server performance or even cause crashes, as demonstrated by denial-of-service DoS attacks designed for LLMs. However, existing works lack mitigati...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/24 12:0 a.m.•6 views

Exemplifying Emerging Phishing: QR-Based Browser-In-The-Browser (BiTB) Attack

Lately, cybercriminals constantly formulate productive approaches to exploit individuals. This article exemplifies an innovative attack, namely QR-based Browser-in-The-Browser BiTB, using proficiencies of Large Language Model LLM i.e. Google Gemini. The presented attack is a fusion of two emergin...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/24 12:0 a.m.•7 views

Usability of Token-Based and Remote Electronic Signatures: a User Experience Study

As electronic signatures e-signatures become increasingly integral to secure digital transactions, understanding their usability and security perception from an end-user perspective has become crucial. This study empirically evaluates and compares two major e-signature systems -- token-based and...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/24 12:0 a.m.•7 views

Fixing 7,400 Bugs for 1$: Cheap Crash-Site Program Repair

The rapid advancement of bug-finding techniques has led to the discovery of more vulnerabilities than developers can reasonably fix, creating an urgent need for effective Automated Program Repair APR methods. However, the complexity of modern bugs often makes precise root cause analysis difficult...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/24 12:0 a.m.•21 views

LLM-Driven APT Detection for 6G Wireless Networks: a Systematic Review and Taxonomy

Sixth Generation 6G wireless networks, which are expected to be deployed in the 2030s, have already created great excitement in academia and the private sector with their extremely high communication speed and low latency rates. However, despite the ultra-low latency, high throughput, and...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/24 12:0 a.m.•13 views

MADCAT: Combating Malware Detection under Concept Drift with Test-Time Adaptation

We present MADCAT, a self-supervised approach designed to address the concept drift problem in malware detection. MADCAT employs an encoder-decoder architecture and works by test-time training of the encoder on a small, balanced subset of the test-time data using a self-supervised objective. Duri...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/24 12:0 a.m.•6 views

Toward Malicious Clients Detection in Federated Learning

Federated learning FL enables multiple clients to collaboratively train a global machine learning model without sharing their raw data. However, the decentralized nature of FL introduces vulnerabilities, particularly to poisoning attacks, where malicious clients manipulate their local models to...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/24 12:0 a.m.•84 views

Benchmarking Poisoning Attacks against Retrieval-Augmented Generation

Retrieval-Augmented Generation RAG has proven effective in mitigating hallucinations in large language models by incorporating external knowledge during inference. However, this integration introduces new security vulnerabilities, particularly to poisoning attacks. Although prior work has explore...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•5 views

Verifiable Deep Learning Inference on an Untrusted Party

Whitepaper called Verifiable Deep Learning Inference On An Untrusted Party...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•17 views

An Attack to Break Permutation-Based Private Third-Party Inference Schemes for LLMs

Recent advances in Large Language Models LLMs have led to the widespread adoption of third-party inference services, raising critical privacy concerns. Existing methods of performing private third-party inference, such as Secure Multiparty Computation SMPC, often rely on cryptographic methods...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•8 views

Chain-Of-Lure: a Synthetic Narrative-Driven Approach to Compromise Large Language Models

In the era of rapid generative AI development, interactions between humans and large language models face significant misusing risks. Previous research has primarily focused on black-box scenarios using human-guided prompts and white-box scenarios leveraging gradient-based LLM generation methods,...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•5 views

Towards a Quantum-Classical Augmented Network

In the past decade, several small-scale quantum key distribution networks have been established. However, the deployment of large-scale quantum networks depends on the development of quantum repeaters, quantum channels, quantum memories, and quantum network protocols. To improve the security of...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•6 views

Wazuh 4.10.2

Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•4 views

Modeling Interdependent Privacy Threats

The rise of online social networks, user-gene-rated content, and third-party apps made data sharing an inevitable trend, driven by both user behavior and the commercial value of personal information. As service providers amass vast amounts of data, safeguarding individual privacy has become...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•7 views

Invisible Tokens, Visible Bills: the Urgent Need to Audit Hidden Operations in Opaque LLM Services

Whitepaper called Invisible Tokens, Visible Bills: The Urgent Need To Audit Hidden Operations In Opaque LLM Services...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•5 views

Sec5GLoc: Securing 5G Indoor Localization Via Adversary-Resilient Deep Learning Architecture

Emerging 5G millimeter-wave and sub-6 GHz networks enable high-accuracy indoor localization, but security and privacy vulnerabilities pose serious challenges. In this paper, we identify and address threats including location spoofing and adversarial signal manipulation against 5G-based indoor...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•5 views

A Linear Approach to Data Poisoning

We investigate the theoretical foundations of data poisoning attacks in machine learning models. Our analysis reveals that the Hessian with respect to the input serves as a diagnostic tool for detecting poisoning, exhibiting spectral signatures that characterize compromised datasets. We use rando...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•5 views

TSA-WF: Exploring the Effectiveness of Time Series Analysis for Website Fingerprinting

Whitepaper called TSA-WF: Exploring The Effectiveness Of Time Series Analysis For Website Fingerprinting...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•6 views

SecurePay: Enabling Secure and Fast Payment Processing for Platform Economy

Recent years have witnessed a rapid development of platform economy, as it effectively addresses the trust dilemma between untrusted online buyers and merchants. However, malicious platforms can misuse users' funds and information, causing severe security concerns. Previous research efforts aimed...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•6 views

A Critical Evaluation of Defenses against Prompt Injection Attacks

Large Language Models LLMs are vulnerable to prompt injection attacks, and several defenses have recently been proposed, often claiming to mitigate these attacks successfully. However, we argue that existing studies lack a principled approach to evaluating these defenses. In this paper, we argue...

7.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•8 views

Revisiting Adversarial Perception Attacks and Defense Methods on Autonomous Driving Systems

Autonomous driving systems ADS increasingly rely on deep learning-based perception models, which remain vulnerable to adversarial attacks. In this paper, we revisit adversarial attacks and defense methods, focusing on road sign recognition and lead object detection and prediction e.g., relative...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•7 views

AI/ML for 5G and beyond Cybersecurity

The advancements in communication technology 5G and beyond and global connectivity Internet of Things IoT also come with new security problems that will need to be addressed in the next few years. The threats and vulnerabilities introduced by AI/ML based 5G and beyond IoT systems need to be...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•7 views

Gaming Tool Preferences in Agentic LLMs

Large language models LLMs can now access a wide range of external tools, thanks to the Model Context Protocol MCP. This greatly expands their abilities as various agents. However, LLMs rely entirely on the text descriptions of tools to decide which ones to use--a process that is surprisingly...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•5 views

Towards Anonymous Neural Network Inference

We introduce funion, a system providing end-to-end sender-receiver unlinkability for neural network inference. By leveraging the Pigeonhole storage protocol and BACAP blinding-and-capability scheme from the Echomix anonymity system, funion inherits the provable security guarantees of modern...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•4 views

Architectural Backdoors for Within-Batch Data Stealing and Model Inference Manipulation

For nearly a decade the academic community has investigated backdoors in neural networks, primarily focusing on classification tasks where adversaries manipulate the model prediction. While demonstrably malicious, the immediate real-world impact of such prediction-altering attacks has remained...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•5 views

JALMBench: Benchmarking Jailbreak Vulnerabilities in Audio Language Models

Whitepaper called JALMBench: Benchmarking Jailbreak Vulnerabilities In Audio Language Models...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•6 views

Privacy-Preserving Bathroom Monitoring for Elderly Emergencies Using PIR and LiDAR Sensors

In-home elderly monitoring requires systems that can detect emergency events - such as falls or prolonged inactivity - while preserving privacy and requiring no user input. These systems must be embedded into the surrounding environment, capable of capturing activity, and responding promptly. Thi...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•6 views

ACSE-Eval: Can LLMs Threat Model Real-World Cloud Infrastructure?

While Large Language Models have shown promise in cybersecurity applications, their effectiveness in identifying security threats within cloud deployments remains unexplored. This paper introduces AWS Cloud Security Engineering Eval, a novel dataset for evaluating LLMs cloud security threat...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•6 views

Adaptively Secure Distributed Broadcast Encryption with Linear-Size Public Parameters

Distributed broadcast encryption DBE is a variant of broadcast encryption BE that can efficiently transmit a message to a subset of users, in which users independently generate user private keys and user public keys instead of a central trusted authority generating user keys. In this paper, we...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•4 views

Gentoo Linux Security Advisory 201607-06

Gentoo Linux Security Advisory 201607-06 - A buffer overflow in CUPS might allow remote attackers to execute arbitrary code. Versions less than 2.0.2-r1 are affected...

6.8CVSS8AI score0.04633EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•4 views

EtherBee: a Global Dataset of Ethereum Node Performance Measurements Coupled with Honeypot Interactions and Full Network Sessions

We introduce EtherBee, a global dataset integrating detailed Ethereum node metrics, network traffic metadata, and honeypot interaction logs collected from ten geographically diverse vantage points over three months. By correlating node data with granular network sessions and security events,...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•9 views

Large Language Models in the IoT Ecosystem -- a Survey on Security Challenges and Applications

The Internet of Things IoT and Large Language Models LLMs have been two major emerging players in the information technology era. Although there has been significant coverage of their individual capabilities, our literature survey sheds some light on the integration and interaction of LLMs and Io...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•5 views

Gentoo Linux Security Advisory 200506-20

Gentoo Linux Security Advisory 200506-20 - Cacti is vulnerable to several SQL injection, authentication bypass and file inclusion vulnerabilities. Versions less than 0.8.6f are affected...

7.5CVSS8AI score0.16552EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•6 views

Gentoo Linux Security Advisory 201908-27

Gentoo Linux Security Advisory 201908-27 - A vulnerability in Nautilus may allow attackers to escape the sandbox. Versions less than 3.30.5-r1 are affected...

7.8CVSS6.9AI score0.00348EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/23 12:0 a.m.•6 views

Gentoo Linux Security Advisory 201707-12

Gentoo Linux Security Advisory 201707-12 - A vulnerability in MAN DB allows local users to gain root privileges. Versions less than 2.7.6.1-r2 are affected...

7.8CVSS6.9AI score0.01047EPSS
Exploits3
Total number of security vulnerabilities6907