Lucene search
K
PacketstormnewsRecent

6803 matches found

Packet Storm News
Packet Storm News
added 2026/04/28 12:0 a.m.13 views

Large Language Models As Explainable Cyberattack Detectors for Energy Industrial Control Systems

In modern energy systems, industrial control systems ICS and power-system SCADA require intrusion detection that is not only accurate but also auditable by operators. The ICS intrusion-detection landscape is currently dominated by established supervised detectors. In this paper, we study whether ...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/28 12:0 a.m.20 views

Towards Agentic Investigation of Security Alerts

Security analysts are overwhelmed by the volume of alerts and the low context provided by many detection systems. Early-stage investigations typically require manual correlation across multiple log sources, a task that is usually time-consuming. In this paper, we present an experimental, agentic...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/28 12:0 a.m.11 views

Logic-to-Code Execution via Indirect Prompt Injection

This document explores a critical architectural vulnerability in Large Language Model LLM implementations, specifically within Command Line Interface CLI tools and automated agentic workflows. The research demonstrates how the absence of separation between the control plane instructions and the...

6.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/28 12:0 a.m.54 views

Windows Persistence via UserInitMprLogonScript Registry Key

This Python script demonstrates a Windows persistence technique based on modifying the HKCU\Environment\UserInitMprLogonScript registry value, which allows execution of a program each time the user logs in...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/28 12:0 a.m.7 views

MARD: A Multi-Agent Framework for Robust Android Malware Detection

With the rapid evolution of Android applications, traditional machine learning-based detection models suffer from concept drift. Additionally, they are constrained by shallow features, lacking deep semantic understanding and interpretability of decisions. Although Large Language Models LLMs...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/28 12:0 a.m.16 views

Medoid Prototype Alignment for Cross-Plant Unknown Attack Detection in Industrial Control Systems

Deploying an intrusion detector trained in one industrial plant to another remains difficult because Industrial Control System ICS traffic is highly site-dependent, labels are scarce, and unseen attacks often appear after deployment. To address this challenge, this paper introduces a medoid...

5.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/28 12:0 a.m.60 views

An Empirical Security Evaluation of LLM-Generated Cryptographic Rust Code

Developers and organizations are using Large Language Models LLMs to generate security-critical code more frequently than ever, including cryptographic solutions for their products. This study presents an empirical evaluation of cryptographic security in 240 Rust code samples for two crypto...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/28 12:0 a.m.15 views

Threat-Oriented Digital Twinning for Security Evaluation of Autonomous Platforms

Open, unclassified research on secure autonomy is constrained by limited access to operational platforms, contested communications infrastructure, and representative adversarial test conditions. This paper presents a threat-oriented digital twinning methodology for cybersecurity evaluation of...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/28 12:0 a.m.23 views

OpenSOC-AI: Democratizing Security Operations with Parameter Efficient LLM Log Analysis

Small and medium sized businesses SMBs face an escalating cybersecurity threat landscape, yet most lack the resources to staff full Security Operations Centers SOCs or deploy enterprise grade detection platforms. This paper presents OpenSOC-AI, a lightweight log analysis framework that uses...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.6 views

GoAT-X: A Graph of Auditing Thoughts for Securing Token Transactions in Cross-Chain Contracts

Cross-chain bridges, the critical infrastructure of the multi-chain ecosystem, have become a primary target for attackers, resulting in over $2.8 billion in losses due to subtle implementation flaws. Existing defenses, such as bytecode-level static analysis, are ill-equipped to handle the semanti...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.6 views

Vulnerability Identification by Harnessing Inter-Connected Multi-Source Information

The utilization of third-party open-source libraries is widespread in modern software development. Due to the dependency relationships, vulnerabilities within open-source libraries pose significant security threats to downstream software. However, the library vulnerabilities are usually implicitl...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.8 views

Jailbreaking Frontier Foundation Models through Intention Deception

Large vision-language models exhibit remarkable capability but remain highly susceptible to jailbreaking. Existing safety training approaches aim to have the model learn a refusal boundary between safe and unsafe, based on the user's intent. It has been found that this binary training regime ofte...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.6 views

Evaluating Cryptographic API Misuse Detectors for Go

Cryptographic API misuse represents a critical vulnerability class that undermines the security foundations of modern software. Yet, it remains largely unexplored in Go despite its dominance in security-critical infrastructure. This paper presents the first comprehensive study of cryptographic AP...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.12 views

AgentVisor: Defending LLM Agents against Prompt Injection Via Semantic Virtualization

Large Language Model LLM agents are increasingly used to automate complex workflows, but integrating untrusted external data with privileged execution exposes them to severe security risks, particularly direct and indirect prompt injection. Existing defenses face significant challenges in balanci...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.7 views

Structured Security Auditing and Robustness Enhancement for Untrusted Agent Skills

Agent Skills package SKILL.md files, scripts, reference documents, and repository context into reusable capability units, turning pre-load auditing from single-prompt filtering into cross-file security review. Existing guardrails often flag risk but recover malicious intent inconsistently under...

5.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.8 views

System-Aware Contextual Digital Twin for ICS Anomaly Diagnosis

Industrial Control Systems ICS integrate computing, physical processes, and communication to operate critical infrastructures such as power grids, water treatment plants, and oil and gas facilities. As ICS become increasingly targeted by cyberattacks, timely and reliable anomaly diagnosis is...

5.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.24 views

Dynamic Cyber Ranges

As LLM-driven agents advance in cybersecurity, Jeopardy CTF benchmarks are approaching saturation and cyber ranges, the natural next evaluation frontier, offer diminishing resistance under their current static design. We validate this observation by deploying an LLM-driven Advanced Persistent...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.8 views

Converging Zero Trust and IoT Security: A Multivocal Literature Review

The convergence of Internet of Things IoT security and Zero Trust ZT principles is a trending topic, demanding a comprehensive, multi-perspective analysis. We present the first multivocal literature review MLR on this topic, combining 68 academic and 36 industrial studies. This comprehensive revi...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.8 views

Poster: ClawdGo: Endogenous Security Awareness Training for Autonomous AI Agents

Autonomous AI agents deployed on platforms such as OpenClaw face prompt injection, memory poisoning, supply-chain attacks, and social engineering, yet existing defences address only the platform perimeter, leaving the agent's own threat judgement entirely untrained. We present ClawdGo, a framewor...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.23 views

A Systematic Literature Review for Transformer-Based Software Vulnerability Detection

Context: Software vulnerabilities pose significant security threats to software systems, especially as software is increasingly used across many areas of daily life, including health, government, and finance. Recently, transformer-based models have demonstrated promising results in automatic...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.10 views

Machine-Checked Cardinality Bounds for Masked Barrett Reduction: A 1-Bit Side-Channel Leakage Barrier in Post-Quantum Cryptographic Hardware

Barrett reduction is the nonlinear core of every practical NTT-based post-quantum cryptography implementation. Existing composition frameworks ISW, t-SNI, PINI, DOM address Boolean masking over GF2; none provides a machine-checked characterization of Barrett's leakage under first-order arithmetic...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.10 views

Detecting Avalanche Effect in Adversarial Settings: Spotting the Encryption Loops in Ransomware

Spotting encryption loops in binary-only ransomware is a critical reverse engineering task. Since the existence of avalanche effect, an intrinsic characteristic of any secure encryption algorithms, is unavoidable during a victim data encryption attack, it is a very promising direction to spot...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.4 views

A Comparative Evaluation of AI Agent Security Guardrails

This report presents a comparative evaluation of DKnownAI Guard in AI agent security scenarios, benchmarked against three competing products: AWS Bedrock Guardrails, Azure Content Safety, and Lakera Guard. Using human annotation as the ground truth, we assess each guardrail's ability to detect tw...

5.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.10 views

V8 BigInt SharedArrayBuffer Concurrency Synchronization

This JavaScript code is a concurrency demonstration using SharedArrayBuffer, Web Workers, and Atomics to coordinate execution between the main thread and a worker thread...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.8 views

RowHammer Vulnerability Counter (RVC): Redefining RowHammer Detection with Victim-Centric Tracking

The Rowhammer vulnerability poses an increasing challenge with newer generations of DRAM and aggressive technology scaling. Existing mitigation techniques, such as Graphene, Twice, and Hydra, primarily rely on tracking activation counts for each row and issuing refreshes when a row reaches a...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.17 views

MAS-SZZ: Multi-Agentic SZZ Algorithm for Vulnerability-Inducing Commit Identification

Accurate vulnerability-inducing commit identification serves as a foundation for a series of software security tasks, such as vulnerability detection and affected version analysis. A straightforward solution is the SZZ algorithm, which traces back through the code history to identify the earliest...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.7 views

From Spoofing to Trust: Emergency Alerts Spoofing Testbed and Cross-Cell Verification

Public warning systems PWS in cellular networks enable authorities to broadcast emergency alerts to all mobile phones in a geographic region in the event of threats such as earthquakes or severe weather. If an attacker can imitate these alerts and transmit a forged warning containing fake news or...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.7 views

SNF - Shadow Network Fingerprinting Engine

SNF Shadow Network Fingerprinting Engine is a 100% offline, air-gap-native passive network intelligence engine written entirely in Rust. It was designed from the ground up for environments where outbound connectivity is not just unavailable but prohibited: classified defense networks, nuclear...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.6 views

Symbolic Execution Meets Multi-LLM Orchestration: Detecting Memory Vulnerabilities in Incomplete Rust CVE Snippets

This paper presents a system combining symbolic execution KLEE with a 4-agent multi-LLM architecture for detecting memory vulnerabilities in Rust unsafe code. A central challenge we address is the incomplete-code problem: CVE database entries provide only isolated code snippets that lack struct...

6.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.6 views

DETOUR: A Practical Backdoor Attack against Object Detection

Object detection OD is critical to real-world vision systems, yet existing backdoor attacks on detection transformers DETRs for OD tasks rely on patch-wise triggers optimized at fixed locations with minimal perturbations. Such attacks overlook that backdoor triggers in the real world may appear a...

5.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.6 views

Network Impact of Post-Quantum Certificate Chain Sizes on Time to First Byte in TLS Deployments

Post-Quantum Cryptography PQC is a rapidly growing deployment challenge as cryptographically relevant quantum computers CRQC continue to advance, leaving traditional cryptographic algorithms used in X.509 vulnerable to attack. However, PQC introduces significant deployment challenges in real-worl...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.10 views

Joern 4.0.528

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.8 views

python-ecdsa DER Parser Security Test Suite

This Python script is a security test and validation suite for the python-ecdsa library, focused on detecting potential DER Distinguished Encoding Rules parsing anomalies that may relate to CVE-2026-33936...

5.3CVSS5.1AI score0.00476EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2026/04/27 12:0 a.m.15 views

Selenium Grid 4.11.0 Selenoid Backend Detection and Safe Session Validation Inspector

The provided Python script is a non-exploit reconnaissance and validation tool designed to identify Selenium Grid or Selenoid deployments exposed via HTTP APIs...

5.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/26 12:0 a.m.7 views

Safeguarding Skies: Airport Cybersecurity in the Digital Age

The aviation industry faces significant vulnerabilities from both physical and cybersecurity threats, highlighting the urgent need for enhanced cybersecurity measures amid increasingly sophisticated attacks. This paper systematically reviews emerging threats at airports, analyzing real-world...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/26 12:0 a.m.7 views

Evaluation of Prompt Injection Defenses in Large Language Models

LLM-powered applications routinely embed secrets in system prompts, yet models can be tricked into revealing them. We built an adaptive attacker that evolves its strategies over hundreds of rounds and tested it against nine defense configurations across more than 20,000 attacks. Every defense tha...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/26 12:0 a.m.9 views

SMSI: System Model Security Inference: Automated Threat Modeling for Cyber-Physical Systems

Threat modeling for cyber-physical systems CPS remains a largely manual exercise. This project presents SMSI System Model Security Inference, a hybrid neuro-symbolic pipeline that starts from a SysML architecture model and produces a prioritized list of NIST 800-53 security controls. The prototyp...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/26 12:0 a.m.9 views

Constraint-Guided Multi-Agent Decompilation for Executable Binary Recovery

Decompilation -- recovering source code from compiled binaries -- is essential for security analysis, malware reverse engineering, and legacy software maintenance. However, existing decompilers produce code that often fails to compile or execute correctly, limiting their practical utility. We...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/26 12:0 a.m.22 views

Analysis of Personal Data Exposure in Thailand

In the digital era, personal data, particularly sensitive identifiers such as the Social Security Number and National Identification Number, have become a highly valuable asset, raising significant concerns regarding privacy and security. This study examines the risks associated with the online...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/26 12:0 a.m.6 views

SeqShield: A Behavioral Analysis Approach to Uncover Rootkits

Rootkits are among the most elusive types of malware, capable of bypassing traditional static analysis methods due to their metamorphic behavior. Signature-based detection techniques struggle against these threats, necessitating a shift toward dynamic analysis approaches. We propose SeqShield, a...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/26 12:0 a.m.8 views

The Vehicle May Be Sick: Denial of Diagnostic Services by Exploiting the CAN Transport Protocol

Vehicle diagnostics has become essential for detecting in-vehicle errors and ensuring safety. While the Unified Diagnostic Services UDS protocol is widely adopted for diagnostic operations, it relies on the ISO 15765-2 standard as the transport protocol over the Controller Area Network CAN, which...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/25 12:0 a.m.6 views

AsmRAG: LLM-Driven Malware Detection by Retrieving Functionally Similar Assembly Code

Deep learning malware detectors achieve high classification accuracy but suffer from severe interpretability limitations, typically returning probabilistic verdicts that lack forensic context. We introduce AsmRAG, a framework performing malware analysis through Assembly-Level Retrieval-Augmented...

5.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/25 12:0 a.m.7 views

Scalable and Verifiable Federated Learning for Cross-Institution Financial Fraud Detection

The global financial ecosystem confronts a critical asymmetry: while fraud syndicates operate as borderless, distributed networks, banking institutions remain constrained by regulatory data silos, limiting visibility into cross-institutional threat patterns under strict privacy laws such as GDPR...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/25 12:0 a.m.12 views

Operationalising Information Security Management: A Procedural Framework Analysis of ISO/IEC 27001:2022 Implementation in a Financial-Technology Organisation

Organisations operating within information-intensive environments face intensifying pressure to formalise the governance of information security. The ISO/IEC 27001:2022 standard provides a globally recognised framework for establishing, implementing, maintaining, and continually improving an...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/25 12:0 a.m.6 views

Evaluating Jailbreaking Vulnerabilities in LLMs Deployed As Assistants for Smart Grid Operations: A Benchmark against NERC Standards

The deployment of Large Language Models LLMs as assistants in electric grid operations promises to streamline compliance and decision-making but exposes new vulnerabilities to prompt-based adversarial attacks. This paper evaluates the risk of jailbreaking LLMs, i.e., circumventing safety alignmen...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/25 12:0 a.m.8 views

Architecture Matters for Multi-Agent Security

Multi-agent systems MAS, composed of networks of two or more autonomous AI agents, have become increasingly popular in production deployments, yet introduce security risks that do not arise in single-agent settings. Even if individual agents exhibit robust security, architectural decisions...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/25 12:0 a.m.6 views

From Stateless Queries to Autonomous Actions: A Layered Security Framework for Agentic AI Systems

Agentic AI systems face security challenges that stateless large language models do not. They plan across extended horizons, maintain persistent memory, invoke external tools, and coordinate with peer agents. Existing security analyses organize threats by attack type prompt injection, jailbreakin...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/25 12:0 a.m.19 views

UNSEEN: A Cross-Stack LLM Unlearning Defense against AR-LLM Social Engineering Attacks

Emerging AR-LLM-based Social Engineering attack e.g., SEAR is at the edge of posing great threats to real-world social life. In such AR-LLM-SE attack, the attacker can leverage AR Augmented Reality glass to capture the image and vocal information of the target, using the LLM to identify the targe...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/25 12:0 a.m.48 views

Ghost in the Agent: Redefining Information Flow Tracking for LLM Agents

Autonomous Large Language Model LLM agents are increasingly deployed to conduct complex tasks by interacting with external tools, APIs, and memory stores. However, processing untrusted external data exposes these agents to severe security threats, such as indirect prompt injection and unauthorize...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/25 12:0 a.m.46 views

Semantic Denial of Service in LLM-Controlled Robots

Safety-oriented instruction-following is supposed to keep LLM-controlled robots safe. We show it also creates an availability attack surface. By injecting short safety-plausible phrases 1-5 tokens into a robots audio channel, an adversary can trigger the models safety reasoning to halt or disrupt...

5.6AI score
Exploits0
Total number of security vulnerabilities6803