Lucene search
K
PacketstormnewsRecent

6803 matches found

Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.7 views

Hackers or Hallucinators? A Comprehensive Analysis of LLM-Based Automated Penetration Testing

The rapid advancement of Large Language Models LLMs has created new opportunities for Automated Penetration Testing AutoPT, spawning numerous frameworks aimed at achieving end-to-end autonomous attacks. However, despite the proliferation of related studies, existing research generally lacks...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.7 views

Can Drift-Adaptive Malware Detectors Be Made Robust? Attacks and Defenses under White-Box and Black-Box Threats

Concept drift and adversarial evasion are two major challenges for deploying machine learning-based malware detectors. While both have been studied separately, their combination, the adversarial robustness of drift-adaptive detectors, remains unexplored. We address this problem with AdvDA, a rece...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.5 views

Swiss-Bench 003: Evaluating LLM Reliability and Adversarial Security for Swiss Regulatory Contexts

The deployment of large language models LLMs in Swiss financial and regulatory contexts demands empirical evidence of both production reliability and adversarial security, dimensions not jointly operationalized in existing Swiss-focused evaluation frameworks. This paper introduces Swiss-Bench 003...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.14 views

Time-Domain Voice Identity Morphing (TD-VIM): A Signal-Level Approach to Morphing Attacks on Speaker Verification Systems

In biometric systems, it is a common practice to associate each sample or template with a specific individual. Nevertheless, recent studies have demonstrated the feasibility of generating "morphed" biometric samples capable of matching multiple identities. These morph attacks have been recognized...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.5 views

Foundations for Agentic AI Investigations from the Forensic Analysis of OpenClaw

Agentic Al systems are increasingly deployed as personal assistants and are likely to become a common object of digital investigations. However, little is known about how their internal state and actions can be reconstructed during forensic analysis. Despite growing popularity, systematic forensi...

6.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.6 views

SkillSieve: A Hierarchical Triage Framework for Detecting Malicious AI Agent Skills

OpenClaw's ClawHub marketplace hosts over 13,000 community-contributed agent skills, and between 13% and 26% of them contain security vulnerabilities according to recent audits. Regex scanners miss obfuscated payloads; formal static analyzers cannot read the natural language instructions in...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.5 views

Stealthy and Adjustable Text-Guided Backdoor Attacks on Multimodal Pretrained Models

Multimodal pretrained models are vulnerable to backdoor attacks, yet most existing methods rely on visual or multimodal triggers, which are impractical since visually embedded triggers rarely occur in real-world data. To overcome this limitation, we propose a novel Text-Guided Backdoor TGB attack...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.5 views

Towards the Development of an LLM-Based Methodology for Automated Security Profiling in Compliance with Ukrainian Cybersecurity Regulations

In recent years, the pace of development of information technology in various areas has increased drastically, forcing cybersecurity specialists to constantly review existing processes in order to prevent unauthorized access to confidential information. Using Ukraine as a primary case study, this...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.6 views

PQC-Enhanced QKD Networks: A Layered Approach

We present a layered and modular network architecture that combines Quantum Key Distribution QKD and Post-Quantum Cryptography PQC to provide scalable end-to-end security across long distance multi-hop, trusted-node quantum networks. To ensure interoperability and efficient practical deployment,...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.8 views

Windows Service for User (S4U) Scheduled Task Persistence Logon Trigger

This Metasploit module creates a scheduled task that will run using service-for-user S4U. This allows the scheduled task to run even as an unprivileged user that is not logged into the device. This will result in lower security context, allowing access to local resources only. The module requires...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.6 views

Windows Service for User (S4U) Scheduled Task Persistence Logon Trigger

This Metasploit module creates a scheduled task that will run using service-for-user S4U. This allows the scheduled task to run even as an unprivileged user that is not logged into the device. This will result in lower security context, allowing access to local resources only. The module requires...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.5 views

Aether - Adaptive Exploit and Threat Hunting Engine for EVM-based Repositories 5.0

Aether is a Python-based framework for analyzing Solidity smart contracts, generating vulnerability findings, producing Foundry-based proof-of-concept PoC tests, and validating exploits on mainnet forks. It combines Solidity AST parsing, taint analysis, control flow graph analysis, cross-contract...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.45 views

LLM4CodeRE: Generative AI for Code Decompilation Analysis and Reverse Engineering

Code decompilation analysis is a fundamental yet challenging task in malware reverse engineering, particularly due to the pervasive use of sophisticated obfuscation techniques. Although recent large language models LLMs have shown promise in translating low-level representations into high-level...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/07 12:0 a.m.6 views

OpenSSL Security Advisory 20260407

OpenSSL Security Advisory 20260407 - Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigge...

7.5CVSS6.1AI score0.01059EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/06 12:0 a.m.32 views

A Multi-Agent Framework for Automated Exploit Generation with Constraint-Guided Comprehension and Reflection

Open-source libraries are widely used in modern software development, introducing significant security vulnerabilities. While static analysis tools can identify potential vulnerabilities at scale, they often generate overwhelming reports with high false positive rates. Automated Exploit Generatio...

6.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/06 12:0 a.m.5 views

SE-Enhanced ViT and BiLSTM-Based Intrusion Detection for Secure IIoT and IoMT Environments

With the rapid growth of interconnected devices in Industrial and Medical Internet of Things IIoT and MIoT ecosystems, ensuring timely and accurate detection of cyber threats has become a critical challenge. This study presents an advanced intrusion detection framework based on a hybrid...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/06 12:0 a.m.5 views

Mapping the Exploitation Surface: A 10,000-Trial Taxonomy of What Makes LLM Agents Exploit Vulnerabilities

LLM agents with tool access can discover and exploit security vulnerabilities. This is known. What is not known is which features of a system prompt trigger this behaviour, and which do not. We present a systematic taxonomy based on approximately 10,000 trials across seven models, 37 prompt...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/06 12:0 a.m.18 views

Explainable Autonomous Cyber Defense Using Adversarial Multi-Agent Reinforcement Learning

Autonomous agents are increasingly deployed in both offensive and defensive cyber operations, creating high-speed, closed-loop interactions in critical infrastructure environments. Advanced Persistent Threat APT actors exploit "Living off the Land" techniques and targeted telemetry perturbations ...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/06 12:0 a.m.9 views

SALLIE: Safeguarding against Latent Language and Image Exploits

Large Language Models LLMs and Vision-Language Models VLMs remain highly vulnerable to textual and visual jailbreaks, as well as prompt injections arXiv:2307.15043, Greshake et al., 2023, arXiv:2306.13213. Existing defenses often degrade performance through complex input transformations or treat...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/06 12:0 a.m.6 views

pstrip64.sys Privilege Escalation

The pstrip64.sys kernel driver exposes an IOCTL that allows low-privileged users to map arbitrary ranges of physical memory into their own virtual address space. This primitive allows full read/write access to the system's physical RAM, enabling attackers to modify critical kernel structures and...

6.1AI score0.00107EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2026/04/06 12:0 a.m.5 views

Digital Privacy in IoT: Exploring Challenges, Approaches and Open Issues

Privacy has always been a critical issue in the digital era, particularly with the increasing use of Internet of Things IoT devices. As the IoT continues to transform industries such as healthcare, smart cities, and home automation, it has also introduced serious challenges regarding the security...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/06 12:0 a.m.22 views

METATRON AI Penetration Testing

Metatron is a CLI-based AI penetration testing assistant that runs entirely on your local machine - no cloud, no API keys, no subscriptions. You give it a target IP or domain. It runs real recon tools nmap, whois, whatweb, curl, dig, nikto, feeds all results to a locally running AI model, and the...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/06 12:0 a.m.6 views

ShieldNet: Network-Level Guardrails against Emerging Supply-Chain Injections in Agentic Systems

Existing research on LLM agent security mainly focuses on prompt injection and unsafe input/output behaviors. However, as agents increasingly rely on third-party tools and MCP servers, a new class of supply-chain threats has emerged, where malicious behaviors are embedded in seemingly benign tool...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/06 12:0 a.m.5 views

SigCorr 0.1.0

SigCorr detects cross-protocol attack chains spanning SS7/MAP, Diameter S6a, and GTPv2-C interfaces in mobile core networks. It performs unified subscriber identity correlation across protocol boundaries to detect multi-stage attacks that single-interface monitors miss. It is written in Java 17 a...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/06 12:0 a.m.6 views

Comprehensive List of User Deception Techniques in Emails

Email remains a central communication medium, yet its long-standing design and interface conventions continue to enable deceptive attacks. This research note presents a structured list of 42 email-based deception techniques, documented with 64 concrete example implementations, organized around th...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/06 12:0 a.m.7 views

Broken by Default: A Formal Verification Study of Security Vulnerabilities in AI-Generated Code

AI coding assistants are now used to generate production code in security-sensitive domains, yet the exploitability of their outputs remains unquantified. We address this gap with Broken by Default: a formal verification study of 3,500 code artifacts generated by seven frontier LLMs across 500...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/05 12:0 a.m.8 views

CoopGuard: Stateful Cooperative Agents Safeguarding LLMs against Evolving Multi-Round Attacks

As Large Language Models LLMs are increasingly deployed in complex applications, their vulnerability to adversarial attacks raises urgent safety concerns, especially those evolving over multi-round interactions. Existing defenses are largely reactive and struggle to adapt as adversaries refine...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/05 12:0 a.m.2 views

Beamforming Feedback As a Novel Attack Surface for Wi-Fi Physical-Layer Security

With the rapid evolution of wireless technologies, Wi-Fi has expanded beyond its original role in data transmission to support various emerging applications, particularly in physical-layer security, including device authentication, user authentication, and secret key generation. Despite extensive...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/05 12:0 a.m.6 views

Towards Unveiling Vulnerabilities of Large Reasoning Models in Machine Unlearning

Large language models LLMs possess strong semantic understanding, driving significant progress in data mining applications. This is further enhanced by large reasoning models LRMs, which provide explicit multi-step reasoning traces. On the other hand, the growing need for the right to be forgotte...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/05 12:0 a.m.7 views

LLM-Enabled Open-Source Systems in the Wild: An Empirical Study of Vulnerabilities in GitHub Security Advisories

Large language models LLMs are increasingly embedded in open-source software OSS ecosystems, creating complex interactions among natural language prompts, probabilistic model outputs, and execution-capable components. However, it remains unclear whether traditional vulnerability disclosure...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/05 12:0 a.m.7 views

Triggering and Detecting Exploitable Library Vulnerability from the Client by Directed Greybox Fuzzing

Developers utilize third-party libraries to improve productivity, which also introduces potential security risks. Existing approaches generate tests for public functions to trigger library vulnerabilities from client programs, yet they depend on proof-of-concepts PoCs, which are often unavailable...

6.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/05 12:0 a.m.9 views

Semantics over Syntax: Uncovering Pre-Authentication 5G Baseband Vulnerabilities

Modern 5G user equipment UE processes Radio Resource Control RRC configuration messages during early control-plane exchanges, before authentication and integrity protection are established. Prior work for testing 5G UEs has largely focused on constructing syntactically invalid inputs. In contrast...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/05 12:0 a.m.2 views

Evaluating Future Air Traffic Management Security

The L-Band Digital Aviation Communication System LDACS aims to modernize communications between the aircraft and the tower. Besides digitizing this type of communication, the contributors also focus on protecting them against cyberattacks. There are several proposals regarding LDACS security, and...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/05 12:0 a.m.6 views

NetSecBed: A Container-Native Testbed for Reproducible Cybersecurity Experimentation

Cybersecurity research increasingly depends on reproducible evidence, such as traffic traces, logs, and labeled datasets, yet most public datasets remain static and offer limited support for controlled re-execution and traceability, especially in heterogeneous multi-protocol environments. This...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/05 12:0 a.m.3 views

Merkle Tree Certificate Post-Quantum PKI for Kubernetes and Cloud-Native 5G/B5G Core

Post-quantum signature schemes such as ML-DSA-65 produce signatures of 3,309 bytes and public keys of 1,952 bytes over 50 times larger than classical Ed25519. In TLS-authenticated environments like Kubernetes control planes and 5G Core networks, where every inter-component connection is mutually...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/05 12:0 a.m.8 views

Invisible Adversaries: A Systematic Study of Session Manipulation Attacks on VPNs

Virtual Private Networks VPNs are widely used for censorship evasion and traffic protection. VPN users expect to be provided with adequate security protection, and at the same time not be affected by other users connected to the same VPN server, which can be illustrated as the non-interference...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/05 12:0 a.m.44 views

SkillAttack: Automated Red Teaming of Agent Skills through Attack Path Refinement

LLM-based agent systems increasingly rely on agent skills sourced from open registries to extend their capabilities, yet the openness of such ecosystems makes skills difficult to thoroughly vet. Existing attacks rely on injecting malicious instructions into skills, making them easily detectable b...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/04 12:0 a.m.3 views

Defending Buffer Overflows in WebAssembly: A Transpiler Approach

WebAssembly is quickly becoming a popular compilation target for a variety of code. However, vulnerabilities in the source languages translate to vulnerabilities in the WebAssembly binaries. This work proposes a methodology and a WebAssembly transpiler to prevent buffer overflows in the unmanaged...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/04 12:0 a.m.10 views

SecPI: Secure Code Generation with Reasoning Models Via Security Reasoning Internalization

Reasoning language models RLMs are increasingly used in programming. Yet, even state-of-the-art RLMs frequently introduce critical security vulnerabilities in generated code. Prior training-based approaches for secure code generation face a critical limitation that prevents their direct applicati...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/04 12:0 a.m.5 views

Measuring the Permission Gate: A Stress-Test Evaluation of Claude Code's Auto Mode

Claude Code's auto mode is the first deployed permission system for AI coding agents, using a two-stage transcript classifier to gate dangerous tool calls. Anthropic reports a 0.4% false positive rate and 17% false negative rate on production traffic. We present the first independent evaluation o...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/04 12:0 a.m.5 views

Improving ML Attacks on LWE with Data Repetition and Stepwise Regression

The Learning with Errors LWE problem is a hard math problem in lattice-based cryptography. In the simplest case of binary secrets, it is the subset sum problem, with error. Effective ML attacks on LWE were demonstrated in the case of binary, ternary, and small secrets, succeeding on fairly sparse...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/04 12:0 a.m.7 views

AttackEval: A Systematic Empirical Study of Prompt Injection Attack Effectiveness against Large Language Models

Prompt injection has emerged as a critical vulnerability in large language model LLM deployments, yet existing research is heavily weighted toward defenses. The attack side -- specifically, which injection strategies are most effective and why -- remains insufficiently studied.We address this gap...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/04 12:0 a.m.4 views

Your Agent Is More Brittle Than You Think: Uncovering Indirect Injection Vulnerabilities in Agentic LLMs

The rapid deployment of open-source frameworks has significantly advanced the development of modern multi-agent systems. However, expanded action spaces, including uncontrolled privilege exposure and hidden inter-system interactions, pose severe security challenges. Specifically, Indirect Prompt...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/04 12:0 a.m.3 views

Towards Predicting Multi-Vulnerability Attack Chains in Software Supply Chains from Software Bill of Materials Graphs

Software supply chain security compromises often stem from cascaded interactions of vulnerabilities, for example, between multiple vulnerable components. Yet, Software Bill of Materials SBOM-based pipelines for security analysis typically treat scanner findings as independent per-CVE Common...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/04 12:0 a.m.3 views

Automating Cloud Security and Forensics through a Secure-By-Design Generative AI Framework

As cloud environments become increasingly complex, cybersecurity and forensic investigations must evolve to meet emerging threats. Large Language Models LLMs have shown promise in automating log analysis and reasoning tasks, yet they remain vulnerable to prompt injection attacks and lack forensic...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/04 12:0 a.m.6 views

Perceptual Gaps: ASCII Art and Overlapping Audio As CAPTCHA

As multimodal large language models LLMs advance, traditional CAPTCHAs have become obsolete at distinguishing humans from bots. To address this shift, this paper aims to investigate the possibility of using tasks for which humans have evolved highly specialised neural processing. We introduce two...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/04 12:0 a.m.6 views

Explainable PQC: A Layered Interpretive Framework for Post-Quantum Cryptographic Security Assumptions

This paper studies how post-quantum cryptographic PQC security assumptions can be represented and communicated through a structured, layered framework that is useful for technical interpretation but does not replace formal cryptographic proofs. We propose "Explainable PQC,'' an interdisciplinary...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/04 12:0 a.m.9 views

Explainability-Guided Adversarial Attacks on Transformer-Based Malware Detectors Using Control Flow Graphs

Transformer-based malware detection systems operating on graph modalities such as control flow graphs CFGs achieve strong performance by modeling structural relationships in program behavior. However, their robustness to adversarial evasion attacks remains underexplored. This paper examines the...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/03 12:0 a.m.4 views

Towards Secure Agent Skills: Architecture, Threat Taxonomy, and Security Analysis

Agent Skills is an emerging open standard that defines a modular, filesystem-based packaging format enabling LLM-based agents to acquire domain-specific expertise on demand. Despite rapid adoption across multiple agentic platforms and the emergence of large community marketplaces, the security...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/03 12:0 a.m.29 views

Supply-Chain Poisoning Attacks against LLM Coding Agent Skill Ecosystems

LLM-based coding agents extend their capabilities via third-party agent skills distributed through open marketplaces without mandatory security review. Unlike traditional packages, these skills are executed as operational directives with system-level privileges, so a single malicious skill can...

6AI score
Exploits0
Total number of security vulnerabilities6803