Lucene search
+L
PacketstormnewsRecent

6864 matches found

packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•5 views

PHSafe: Disclosure Avoidance for the 2020 Census Supplemental Demographic and Housing Characteristics File (S-DHC)

This article describes the disclosure avoidance algorithm that the U.S. Census Bureau used to protect the 2020 Census Supplemental Demographic and Housing Characteristics File S-DHC. The tabulations contain statistics of counts of U.S. persons living in certain types of households, including...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•6 views

Adaptive Wizard for Removing Cross-Tier Misconfigurations in Active Directory

Security vulnerabilities in Windows Active Directory AD systems are typically modeled using an attack graph and hardening AD systems involves an iterative workflow: security teams propose an edge to remove, and IT operations teams manually review these fixes before implementing the removal. As...

7.3AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•12 views

WordPress NewsBlogger Theme 0.2.5.1 Shell Upload

WordPress NewsBlogger Theme versions 0.2.5.1 and below suffer from a remote shell upload vulnerability...

8.8CVSS9.1AI score0.00996EPSS
Exploits1
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•9 views

The DCR Delusion: Measuring the Privacy Risk of Synthetic Data

Synthetic data has become an increasingly popular way to share data without revealing sensitive information. Though Membership Inference Attacks MIAs are widely considered the gold standard for empirically assessing the privacy of a synthetic dataset, practitioners and researchers often rely on...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•8 views

VIDSTAMP: a Temporally-Aware Watermark for Ownership and Integrity in Video Diffusion Models

The rapid rise of video diffusion models has enabled the generation of highly realistic and temporally coherent videos, raising critical concerns about content authenticity, provenance, and misuse. Existing watermarking approaches, whether passive, post-hoc, or adapted from image-based techniques...

7.2AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•5 views

A Rusty Link in the AI Supply Chain: Detecting Evil Configurations in Model Repositories

Recent advancements in large language models LLMs have spurred the development of diverse AI applications from code generation and video editing to text generation; however, AI supply chains such as Hugging Face, which host pretrained models and their associated configuration files contributed by...

7.7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•9 views

Capability-Based Multi-Tenant Access Management in Crowdsourced Drone Services

We propose a capability-based access control method that leverages OAuth 2.0 and Verifiable Credentials VCs to share resources in crowdsourced drone services. VCs securely encode claims about entities, offering flexibility. However, standardized protocols for VCs are lacking, limiting their...

7.1AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•7 views

LLM Security: Vulnerabilities, Attacks, Defenses, and Countermeasures

As large language models LLMs continue to evolve, it is critical to assess the security threats and vulnerabilities that may arise both during their training phase and after models have been deployed. This survey seeks to define and categorize the various attacks targeting LLMs, distinguishing...

7.5AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•5 views

Allocation of Heterogeneous Resources in General Lotto Games

The allocation of resources plays an important role in the completion of system objectives and tasks, especially in the presence of strategic adversaries. Optimal allocation strategies are becoming increasingly more complex, given that multiple heterogeneous types of resources are at a system...

7.2AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•6 views

LLM Watermarking Using Mixtures and Statistical-To-Computational Gaps

Given a text, can we determine whether it was generated by a large language model LLM or by a human? A widely studied approach to this problem is watermarking. We propose an undetectable and elementary watermarking scheme in the closed setting. Also, in the harder open setting, where the adversar...

7.1AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•7 views

CISA: Dams Sector Crisis Management Handbook

The Dams Sector Crisis Management Handbook 2025 introduces crisis management concepts, explains how crisis management measures are an important component of an overall risk management framework, and highlights guidelines to apply these concepts to dams and related infrastructure...

7.2AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•18 views

Active Sybil Attack and Efficient Defense Strategy in IPFS DHT

The InterPlanetary File System IPFS is a decentralized peer-to-peer P2P storage that relies on Kademlia, a Distributed Hash Table DHT structure commonly used in P2P systems for its proved scalability. However, DHTs are known to be vulnerable to Sybil attacks, in which a single entity controls...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•8 views

Modeling Behavioral Preferences of Cyber Adversaries Using Inverse Reinforcement Learning

This paper presents a holistic approach to attacker preference modeling from system-level audit logs using inverse reinforcement learning IRL. Adversary modeling is an important capability in cybersecurity that lets defenders characterize behaviors of potential attackers, which enables attributio...

7.1AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•9 views

Secure Cluster-Based Hierarchical Federated Learning in Vehicular Networks

Hierarchical Federated Learning HFL has recently emerged as a promising solution for intelligent decision-making in vehicular networks, helping to address challenges such as limited communication resources, high vehicle mobility, and data heterogeneity. However, HFL remains vulnerable to...

7.1AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•7 views

SafeTab-H: Disclosure Avoidance for the 2020 Census Detailed Demographic and Housing Characteristics File B (Detailed DHC-B)

This article describes SafeTab-H, a disclosure avoidance algorithm applied to the release of the U.S. Census Bureau's Detailed Demographic and Housing Characteristics File B Detailed DHC-B as part of the 2020 Census. The tabulations contain household statistics about household type and tenure...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•7 views

Explainable Machine Learning for Cyberattack Identification from Traffic Flows

The increasing automation of traffic management systems has made them prime targets for cyberattacks, disrupting urban mobility and public safety. Traditional network-layer defenses are often inaccessible to transportation agencies, necessitating a machine learning-based approach that relies sole...

7.2AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•6 views

Constrained Network Adversarial Attacks: Validity, Robustness, and Transferability

While machine learning has significantly advanced Network Intrusion Detection Systems NIDS, particularly within IoT environments where devices generate large volumes of data and are increasingly susceptible to cyber threats, these models remain vulnerable to adversarial attacks. Our research...

7.3AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•19 views

Building a Secure Agentic AI Application Leveraging A2A Protocol

As Agentic AI systems evolve from basic workflows to complex multi agent collaboration, robust protocols such as Google's Agent2Agent A2A become essential enablers. To foster secure adoption and ensure the reliability of these complex interactions, understanding the secure implementation of A2A i...

7.6AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•7 views

Securing Agentic AI: a Comprehensive Threat Model and Mitigation Framework for Generative AI Agents

As generative AI GenAI agents become more common in enterprise settings, they introduce security challenges that differ significantly from those posed by traditional systems. These agents are not just LLMs; they reason, remember, and act, often with minimal human oversight. This paper introduces ...

7.2AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•6 views

Poster: Machine Learning for Vulnerability Detection As Target Oracle in Automated Fuzz Driver Generation

In vulnerability detection, machine learning has been used as an effective static analysis technique, although it suffers from a significant rate of false positives. Contextually, in vulnerability discovery, fuzzing has been used as an effective dynamic analysis technique, although it requires...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•16 views

Securing the Future of IVR: AI-Driven Innovation with Agile Security, Data Regulation, and Ethical AI Integration

The rapid digitalization of communication systems has elevated Interactive Voice Response IVR technologies to become critical interfaces for customer engagement. With Artificial Intelligence AI now driving these platforms, ensuring secure, compliant, and ethically designed development practices i...

7.3AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/02 12:0 a.m.•18 views

Good News for Script Kiddies? Evaluating Large Language Models for Automated Exploit Generation

Large Language Models LLMs have demonstrated remarkable capabilities in code-related tasks, raising concerns about their potential for automated exploit generation AEG. This paper presents the first systematic study on LLMs' effectiveness in AEG, evaluating both their cooperativeness and technica...

7.2AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•8 views

Protocol-Agnostic and Data-Free Backdoor Attacks on Pre-Trained Models in RF Fingerprinting

While supervised deep neural networks DNNs have proven effective for device authentication via radio frequency RF fingerprinting, they are hindered by domain shift issues and the scarcity of labeled data. The success of large language models has led to increased interest in unsupervised pre-train...

7.6AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•9 views

Zero-Day Botnet Attack Detection in IoV: a Modular Approach Using Isolation Forests and Particle Swarm Optimization

The Internet of Vehicles IoV is transforming transportation by enhancing connectivity and enabling autonomous driving. However, this increased interconnectivity introduces new security vulnerabilities. Bot malware and cyberattacks pose significant risks to Connected and Autonomous Vehicles CAVs, ...

7.5AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•8 views

Ai.Txt: a Domain-Specific Language for Guiding AI Interactions with the Internet

We introduce ai.txt, a novel domain-specific language DSL designed to explicitly regulate interactions between AI models, agents, and web content, addressing critical limitations of the widely adopted robots.txt standard. As AI increasingly engages with online materials for tasks such as training...

7.5AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•7 views

Enhancing the Cloud Security through Topic Modelling

Protecting cloud applications is crucial in an age where security constantly threatens the digital world. The inevitable cyber-attacks throughout the CI/CD pipeline make cloud security innovations necessary. This research is motivated by applying Natural Language Processing NLP methodologies, suc...

7.4AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•4 views

Notes on Univariate Sumcheck

These notes describe an adaptation of the multivariate sumcheck protocol to univariate polynomials interpolated over roots of unity...

7.2AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•7 views

Non-Adaptive Cryptanalytic Time-Space Lower Bounds Via a Shearer-Like Inequality for Permutations

Whitepaper called Non-Adaptive Cryptanalytic Time-Space Lower Bounds Via A Shearer-Like Inequality For Permutations...

7.2AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•4 views

Auditing without Leaks Despite Curiosity

Whitepaper called Auditing Without Leaks Despite Curiosity...

7.2AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•7 views

OET: Optimization-Based Prompt Injection Evaluation Toolkit

Large Language Models LLMs have demonstrated remarkable capabilities in natural language understanding and generation, enabling their widespread adoption across various domains. However, their susceptibility to prompt injection attacks poses significant security risks, as adversarial inputs can...

7.6AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•5 views

Apple AirPlay Command Execution

Proof of concept exploit demonstrating the Apple AirPlay vulnerability as noted in CVE-2025-24271...

5.4CVSS6.8AI score0.00427EPSS
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•7 views

Preserving Privacy and Utility in LLM-Based Product Recommendations

Large Language Model LLM-based recommendation systems leverage powerful language models to generate personalized suggestions by processing user interactions and preferences. Unlike traditional recommendation systems that rely on structured data and collaborative filtering, LLM-based models proces...

7.2AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•15 views

WordPress WP-Advanced-Search 3.3.9.3 Shell Upload

WordPress WP-Advanced-Search plugin versions 3.3.9.3 and below suffer from a remote shell upload vulnerability...

6.6CVSS7.4AI score0.00437EPSS
Exploits1
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•7 views

AI-Driven IRM: Transforming Insider Risk Management with Adaptive Scoring and LLM-Based Threat Detection

Insider threats pose a significant challenge to organizational security, often evading traditional rule-based detection systems due to their subtlety and contextual nature. This paper presents an AI-powered Insider Risk Management IRM system that integrates behavioral analytics, dynamic risk...

7.1AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•7 views

Spill the Beans: Exploiting CPU Cache Side-Channels to Leak Tokens from Large Language Models

Side-channel attacks on shared hardware resources increasingly threaten confidentiality, especially with the rise of Large Language Models LLMs. In this work, we introduce Spill The Beans, a novel application of cache side-channels to leak tokens generated by an LLM. By co-locating an attack...

6.7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•16 views

HoneyWin: High-Interaction Windows Honeypot in Enterprise Environment

Windows operating systems OS are ubiquitous in enterprise Information Technology IT and operational technology OT environments. Due to their widespread adoption and known vulnerabilities, they are often the primary targets of malware and ransomware attacks. With 93% of the ransomware targeting...

7.4AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•9 views

Can Differentially Private Fine-Tuning LLMs Protect against Privacy Attacks?

Fine-tuning large language models LLMs has become an essential strategy for adapting them to specialized tasks; however, this process introduces significant privacy challenges, as sensitive training data may be inadvertently memorized and exposed. Although differential privacy DP offers strong...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•7 views

Addressing Noise and Stochasticity in Fraud Detection for Service Networks

Fraud detection is crucial in social service networks to maintain user trust and improve service network security. Existing spectral graph-based methods address this challenge by leveraging different graph filters to capture signals with different frequencies in service networks. However, most...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•8 views

From Texts to Shields: Convergence of Large Language Models and Cybersecurity

This report explores the convergence of large language models LLMs and cybersecurity, synthesizing interdisciplinary insights from network security, artificial intelligence, formal methods, and human-centered design. It examines emerging applications of LLMs in software and network security, 5G...

7.3AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•7 views

Development of an Adapter for Analyzing and Protecting Machine Learning Models from Competitive Activity in the Networks Services

Due to the increasing number of tasks that are solved on remote servers, identifying and classifying traffic is an important task to reduce the load on the server. There are various methods for classifying traffic. This paper discusses machine learning models for solving this problem. However, su...

7.3AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•7 views

Decentralized Vulnerability Disclosure Via Permissioned Blockchain: a Secure, Transparent Alternative to Centralized CVE Management

This paper proposes a decentralized, blockchain-based system for the publication of Common Vulnerabilities and Exposures CVEs, aiming to mitigate the limitations of the current centralized model primarily overseen by MITRE. The proposed architecture leverages a permissioned blockchain, wherein on...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•6 views

Analysis of the Vulnerability of Machine Learning Regression Models to Adversarial Attacks Using Data from 5G Wireless Networks

This article describes the process of creating a script and conducting an analytical study of a dataset using the DeepMIMO emulator. An advertorial attack was carried out using the FGSM method to maximize the gradient. A comparison is made of the effectiveness of binary classifiers in the task of...

7.1AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•5 views

A Novel Feature-Aware Chaotic Image Encryption Scheme for Data Security and Privacy in IoT and Edge Networks

The security of image data in the Internet of Things IoT and edge networks is crucial due to the increasing deployment of intelligent systems for real-time decision-making. Traditional encryption algorithms such as AES and RSA are computationally expensive for resource-constrained IoT devices and...

7.3AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•5 views

Confidential Serverless Computing

Although serverless computing offers compelling cost and deployment simplicity advantages, a significant challenge remains in securely managing sensitive data as it flows through the network of ephemeral function executions in serverless computing environments within untrusted clouds. While...

7.3AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•15 views

PatchFuzz: Patch Fuzzing for JavaScript Engines

Patch fuzzing is a technique aimed at identifying vulnerabilities that arise from newly patched code. While researchers have made efforts to apply patch fuzzing to testing JavaScript engines with considerable success, these efforts have been limited to using ordinary test cases or publicly...

7.7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•7 views

RevealNet: Distributed Traffic Correlation for Attack Attribution on Programmable Networks

Network attackers have increasingly resorted to proxy chains, VPNs, and anonymity networks to conceal their activities. To tackle this issue, past research has explored the applicability of traffic correlation techniques to perform attack attribution, i.e., to identify an attacker's true network...

7.2AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•6 views

Attack and Defense Techniques in Large Language Models: a Survey and New Perspectives

Large Language Models LLMs have become central to numerous natural language processing tasks, but their vulnerabilities present significant security and ethical challenges. This systematic survey explores the evolving landscape of attack and defense techniques in LLMs. We classify attacks into...

7.6AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/05/01 12:0 a.m.•12 views

Packet Storm New Exploits for April, 2025

This archive contains all of the 166 exploits added to Packet Storm in April, 2025...

7.1AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/04/30 12:0 a.m.•11 views

An Empirical Study on the Effectiveness of Large Language Models for Binary Code Understanding

Binary code analysis plays a pivotal role in the field of software security and is widely used in tasks such as software maintenance, malware detection, software vulnerability discovery, patch analysis, etc. However, unlike source code, reverse engineers face significant challenges in understandi...

7.4AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/04/30 12:0 a.m.•7 views

Overlapping Data in Network Protocols: Bridging OS and NIDS Reassembly Gap

IPv4, IPv6, and TCP have a common mechanism allowing one to split an original data packet into several chunks. Such chunked packets may have overlapping data portions and, OS network stack implementations may reassemble these overlaps differently. A Network Intrusion Detection System NIDS that...

7AI score
Exploits0
Total number of security vulnerabilities6864