Lucene search
+L
PacketstormnewsRecent

6907 matches found

Packet Storm News
Packet Storm News
•added 2025/05/08 12:0 a.m.•11 views

Privacy-Preserving Transformers: SwiftKey'S Differential Privacy Implementation

In this paper we train a transformer using differential privacy DP for language modeling in SwiftKey. We run multiple experiments to balance the trade-off between the model size, run-time speed and accuracy. We show that we get small and consistent gains in the next-word-prediction and accuracy...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•4 views

Winning at All Cost: a Small Environment for Eliciting Specification Gaming Behaviors in Large Language Models

This study reveals how frontier Large Language Models LLMs can "game the system" when faced with impossible situations, a critical security and alignment concern. Using a novel textual simulation approach, we presented three leading LLMs o1, o3-mini, and r1 with a tic-tac-toe scenario designed to...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•7 views

OBLIVIATE: Robust and Practical Machine Unlearning for Large Language Models

Large language models LLMs trained over extensive corpora risk memorizing sensitive, copyrighted, or toxic content. To address this, we propose OBLIVIATE, a robust unlearning framework that removes targeted data while preserving model utility. The framework follows a structured process: extractin...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•8 views

An LLM-Based Self-Evolving Security Framework for 6G Space-Air-Ground Integrated Networks

Recently emerged 6G space-air-ground integrated networks SAGINs, which integrate satellites, aerial networks, and terrestrial communications, offer ubiquitous coverage for various mobile applications. However, the highly dynamic, open, and heterogeneous nature of SAGINs poses severe security...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•6 views

Safeguard-By-Development: a Privacy-Enhanced Development Paradigm for Multi-Agent Collaboration Systems

Multi-agent collaboration systems MACS, powered by large language models LLMs, solve complex problems efficiently by leveraging each agent's specialization and communication between agents. However, the inherent exchange of information between agents and their interaction with external...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•4 views

CISA: Primary Mitigations to Reduce Cyber Threats to Operational Technology

The Cybersecurity and Infrastructure Security Agency CISA, Federal Bureau of Investigation FBI, Environmental Protection Agency EPA, and Department of Energy DOE are aware of cyber incidents affecting the operational technology OT and industrial control systems ICS of critical infrastructure...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•6 views

A Proposal for Evaluating the Operational Risk for ChatBots Based on Large Language Models

The emergence of Generative AI Gen AI and Large Language Models LLMs has enabled more advanced chatbots capable of human-like interactions. However, these conversational agents introduce a broader set of operational risks that extend beyond traditional cybersecurity considerations. In this work, ...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•3 views

On the Vulnerability of Underwater Magnetic Induction Communication

Typical magnetic induction MI communication is commonly considered a secure underwater wireless communication UWC technology due to its non-audible and non-visible nature compared to acoustic and optical UWC technologies. However, vulnerabilities in communication systems inevitably exist and may...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•12 views

Applied Post Quantum Cryptography: a Practical Approach for Generating Certificates in Industrial Environments

The transition to post-quantum cryptography PQC presents significant challenges for certificate-based identity management in industrial environments, where secure onboarding of devices relies on long-lived and interoperable credentials. This work analyzes the integration of PQC into X.509...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•10 views

Federated Learning for Cyber Physical Systems: a Comprehensive Survey

The integration of machine learning ML in cyber physical systems CPS is a complex task due to the challenges that arise in terms of real-time decision making, safety, reliability, device heterogeneity, and data privacy. There are also open research questions that must be addressed in order to ful...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•8 views

Weaponizing Language Models for Cybersecurity Offensive Operations: Automating Vulnerability Assessment Report Validation; a Review Paper

This, with the ever-increasing sophistication of cyberwar, calls for novel solutions. In this regard, Large Language Models LLMs have emerged as a highly promising tool for defensive and offensive cybersecurity-related strategies. While existing literature has focused much on the defensive use of...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•12 views

ACE: a Security Architecture for LLM-Integrated App Systems

LLM-integrated app systems extend the utility of Large Language Models LLMs with third-party apps that are invoked by a system LLM using interleaved planning and execution phases to answer user queries. These systems introduce new attack vectors where malicious apps can cause integrity violation ...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•6 views

A Framework to Prevent Biometric Data Leakage in the Immersive Technologies Domain

Doubtlessly, the immersive technologies have potential to ease people's life and uplift economy, however the obvious data privacy risks cannot be ignored. For example, a participant wears a 3D headset device which detects participant's head motion to track the pose of participant's head to match...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•21 views

FedRE: Robust and Effective Federated Learning with Privacy Preference

Despite Federated Learning FL employing gradient aggregation at the server for distributed training to prevent the privacy leakage of raw data, private information can still be divulged through the analysis of uploaded gradients from clients. Substantial efforts have been made to integrate local...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•7 views

Commvault Command Center Innovation Release 11.38 Remote Code Execution

Remote code execution exploit for Commvault Command Center version 11.38. Written in Python. This tool allows testing single targets or scanning multiple hosts in bulk...

10CVSS9.8AI score0.97292EPSS
Exploits5
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•15 views

WordPress CSV Mass Importer 1.2 Shell Upload

WordPress CSV Mass Importer plugin versions 1.2 and below suffer from a remote shell upload vulnerability...

7.2CVSS7.6AI score0.00489EPSS
Exploits3
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•5 views

A Numerical Gradient Inversion Attack in Variational Quantum Neural-Networks

The loss landscape of Variational Quantum Neural Networks VQNNs is characterized by local minima that grow exponentially with increasing qubits. Because of this, it is more challenging to recover information from model gradients during training compared to classical Neural Networks NNs. In this...

6.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•6 views

Securing Immersive 360 Video Streams through Attribute-Based Selective Encryption

Delivering high-quality, secure 360� video content introduces unique challenges, primarily due to the high bitrates and interactive demands of immersive media. Traditional HTTPS-based methods, although widely used, face limitations in computational efficiency and scalability when securing these...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•7 views

Privacy Challenges in Image Processing Applications

As image processing systems proliferate, privacy concerns intensify given the sensitive personal information contained in images. This paper examines privacy challenges in image processing and surveys emerging privacy-preserving techniques including differential privacy, secure multiparty...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•4 views

Memory under Siege: a Comprehensive Survey of Side-Channel Attacks on Memory

Whitepaper called Memory Under Siege: A Comprehensive Survey Of Side-Channel Attacks On Memory...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•7 views

Botan C++ Crypto Algorithms Library 3.8.0

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS 10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•6 views

Guardians of the Web: the Evolution and Future of Website Information Security

Website information security has become a critical concern in the digital age. This article explores the evolution of website information security, examining its historical development, current practices, and future directions. The early beginnings from the 1960s to the 1980s laid the groundwork...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•6 views

DMRL: Data- and Model-Aware Reward Learning for Data Extraction

Large language models LLMs are inherently vulnerable to unintended privacy breaches. Consequently, systematic red-teaming research is essential for developing robust defense mechanisms. However, current data extraction methods suffer from several limitations: 1 rely on dataset duplicates...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•6 views

RAP-SM: Robust Adversarial Prompt Via Shadow Models for Copyright Verification of Large Language Models

Recent advances in large language models LLMs have underscored the importance of safeguarding intellectual property rights through robust fingerprinting techniques. Traditional fingerprint verification approaches typically focus on a single model, seeking to improve the robustness of its...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•4 views

Input-Specific and Universal Adversarial Attack Generation for Spiking Neural Networks in the Spiking Domain

As Spiking Neural Networks SNNs gain traction across various applications, understanding their security vulnerabilities becomes increasingly important. In this work, we focus on the adversarial attacks, which is perhaps the most concerning threat. An adversarial attack aims at finding a subtle...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•4 views

Preparing for the Post Quantum Era: Quantum Ready Architecture for Security and Risk Management (QUASAR) -- a Strategic Framework for Cybersecurity

As quantum computing progresses, traditional cryptographic systems face the threat of obsolescence due to the capabilities of quantum algorithms. This paper introduces the Quantum-Ready Architecture for Security and Risk Management QUASAR, a novel framework designed to help organizations prepare...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/07 12:0 a.m.•10 views

Large Language Models Are Autonomous Cyber Defenders

Fast and effective incident response is essential to prevent adversarial cyberattacks. Autonomous Cyber Defense ACD aims to automate incident response through Artificial Intelligence AI agents that plan and execute actions. Most ACD approaches focus on single-agent scenarios and leverage...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•4 views

CB-CPIR: Code-Based Computational Private Information Retrieval

A private information retrieval PIR scheme is a protocol that allows a user to retrieve a file from a database without revealing the identity of the desired file to a curious database. Given a distributed data storage system, efficient PIR can be achieved by making assumptions about the colluding...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•5 views

A Study on Audio Synchronous Steganography Detection and Distributed Guide Inference Model Based on Sliding Spectral Features and Intelligent Inference Drive

With the rise of short video platforms in global communication, embedding steganographic data in audio synchronization streams has emerged as a new covert communication method. To address the limitations of traditional techniques in detecting synchronized steganography, this paper proposes a...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•4 views

MergeGuard: Efficient Thwarting of Trojan Attacks in Machine Learning Models

This paper proposes MergeGuard, a novel methodology for mitigation of AI Trojan attacks. Trojan attacks on AI models cause inputs embedded with triggers to be misclassified to an adversary's target class, posing a significant threat to model usability trained by an untrusted third party. The core...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•5 views

Directed Greybox Fuzzing Via Large Language Model

Directed greybox fuzzing DGF focuses on efficiently reaching specific program locations or triggering particular behaviors, making it essential for tasks like vulnerability detection and crash reproduction. However, existing methods often suffer from path explosion and randomness in input mutatio...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•3 views

CodeBC: a More Secure Large Language Model for Smart Contract Code Generation in Blockchain

Large language models LLMs excel at generating code from natural language instructions, yet they often lack an understanding of security vulnerabilities. This limitation makes it difficult for LLMs to avoid security risks in generated code, particularly in high-security programming tasks such as...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•6 views

SolPhishHunter: Towards Detecting and Understanding Phishing on Solana

Solana is a rapidly evolving blockchain platform that has attracted an increasing number of users. However, this growth has also drawn the attention of malicious actors, with some phishers extending their reach into the Solana ecosystem. Unlike platforms such as Ethereum, Solana has distinct...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•3 views

AI-Driven Security in Cloud Computing: Enhancing Threat Detection, Automated Response, and Cyber Resilience

Cloud security concerns have been greatly realized in recent years due to the increase of complicated threats in the computing world. Many traditional solutions do not work well in real-time to detect or prevent more complex threats. Artificial intelligence is today regarded as a revolution in...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•4 views

Differential Privacy for Network Assortativity

The analysis of network assortativity is of great importance for understanding the structural characteristics of and dynamics upon networks. Often, network assortativity is quantified using the assortativity coefficient that is defined based on the Pearson correlation coefficient between vertex...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•7 views

BadLingual: a Novel Lingual-Backdoor Attack against Large Language Models

In this paper, we present a new form of backdoor attack against Large Language Models LLMs: lingual-backdoor attacks. The key novelty of lingual-backdoor attacks is that the language itself serves as the trigger to hijack the infected LLMs to generate inflammatory speech. They enable the precise...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•7 views

LlamaFirewall: an Open Source Guardrail System for Building Secure AI Agents

Large language models LLMs have evolved from simple chatbots into autonomous agents capable of performing complex tasks such as editing production code, orchestrating workflows, and taking higher-stakes actions based on untrusted inputs like webpages and emails. These capabilities introduce new...

7.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•5 views

Mitigating Backdoor Triggered and Targeted Data Poisoning Attacks in Voice Authentication Systems

Voice authentication systems remain susceptible to two major threats: backdoor triggered attacks and targeted data poisoning attacks. This dual vulnerability is critical because conventional solutions typically address each threat type separately, leaving systems exposed to adversaries who can...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•4 views

A Chaos Driven Metric for Backdoor Attack Detection

The advancement and adoption of Artificial Intelligence AI models across diverse domains have transformed the way we interact with technology. However, it is essential to recognize that while AI models have introduced remarkable advancements, they also present inherent challenges such as their...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•4 views

Detecting Quishing Attacks with Machine Learning Techniques through QR Code Analysis

The rise of QR code based phishing "Quishing" poses a growing cybersecurity threat, as attackers increasingly exploit QR codes to bypass traditional phishing defenses. Existing detection methods predominantly focus on URL analysis, which requires the extraction of the QR code payload, and may...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•7 views

Data-Driven Falsification of Cyber-Physical Systems

Whitepaper called Data-Driven Falsification Of Cyber-Physical Systems...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•8 views

The Steganographic Potentials of Language Models

The potential for large language models LLMs to hide messages within plain text steganography poses a challenge to detection and thwarting of unaligned AI agents, and undermines faithfulness of LLMs reasoning. We explore the steganographic capabilities of LLMs fine-tuned via reinforcement learnin...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•7 views

SKALD: Scalable K-Anonymisation for Large Datasets

Data privacy and anonymisation are critical concerns in today's data-driven society, particularly when handling personal and sensitive user data. Regulatory frameworks worldwide recommend privacy-preserving protocols such as k-anonymisation to de-identify releases of tabular data. Available...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•8 views

Bridging Expertise Gaps: the Role of LLMs in Human-AI Collaboration for Cybersecurity

This study investigates whether large language models LLMs can function as intelligent collaborators to bridge expertise gaps in cybersecurity decision-making. We examine two representative tasks-phishing email detection and intrusion detection-that differ in data modality, cognitive complexity,...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•13 views

WordPress Flynax Bridge 2.2.0 Privilege Escalation

WordPress Flynax Bridge plugin versions 2.2.0 and below suffer from an unauthenticated privilege escalation vulnerability...

9.8CVSS9.2AI score0.00644EPSS
Exploits1
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•4 views

Empc: Effective Path Prioritization for Symbolic Execution with Path Cover

Symbolic execution is a powerful program analysis technique that can formally reason the correctness of program behaviors and detect software bugs. It can systematically explore the execution paths of the tested program. But it suffers from an inherent limitation: path explosion. Path explosion...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•6 views

Rollbaccine : Herd Immunity against Storage Rollback Attacks in TEEs [Technical Report]

Today, users can "lift-and-shift" unmodified applications into modern, VM-based Trusted Execution Environments TEEs in order to gain hardware-based security guarantees. However, TEEs do not protect applications against disk rollback attacks, where persistent storage can be reverted to an earlier...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•6 views

LLMs' Suitability for Network Security: a Case Study of STRIDE Threat Modeling

Artificial Intelligence AI is expected to be an integral part of next-generation AI-native 6G networks. With the prevalence of AI, researchers have identified numerous use cases of AI in network security. However, there are almost nonexistent studies that analyze the suitability of Large Language...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•4 views

Publicly Verifiable Secret Sharing: Generic Constructions and Lattice-Based Instantiations in the Standard Model

Publicly verifiable secret sharing PVSS allows a dealer to share a secret among a set of shareholders so that the secret can be reconstructed later from any set of qualified participants. In addition, any public verifier should be able to check the correctness of the sharing and reconstruction...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/05/06 12:0 a.m.•8 views

Elevating Cyber Threat Intelligence against Disinformation Campaigns with LLM-Based Concept Extraction and the FakeCTI Dataset

The swift spread of fake news and disinformation campaigns poses a significant threat to public trust, political stability, and cybersecurity. Traditional Cyber Threat Intelligence CTI approaches, which rely on low-level indicators such as domain names and social media handles, are easily evaded ...

7AI score
Exploits0
Total number of security vulnerabilities6907