Lucene search
K
PacketstormnewsRecent

6803 matches found

Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•24 views

Securing Elliptic Curve Cryptocurrencies against Quantum Vulnerabilities: Resource Estimates and Mitigations

This whitepaper seeks to elucidate implications that the capabilities of developing quantum architectures have on blockchain vulnerabilities and mitigation strategies. First, we provide new resource estimates for breaking the 256-bit Elliptic Curve Discrete Logarithm Problem, the core of modern...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•14 views

Kill-Chain Canaries: Stage-Level Tracking of Prompt Injection across Attack Surfaces and Model Safety Tiers

We present a stage-decomposed analysis of prompt injection attacks against five frontier LLM agents. Prior work measures task-level attack success rate ASR; we localize the pipeline stage at which each model's defense activates. We instrument every run with a cryptographic canary token...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•3 views

Uncovering Relationships between Android Developers, User Privacy, and Developer Willingness to Reduce Fingerprinting Risks

The major mobile platforms, Android and iOS, have introduced changes that restrict user tracking to improve user privacy, yet apps continue to covertly track users via device fingerprinting. We study the opportunity to improve this dynamic with a case study on mobile fingerprinting that evaluates...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•3 views

Apple Security Advisory 03-24-2026-10

Apple Security Advisory 03-24-2026-10 - Xcode 26.4 addresses an out of bounds read vulnerabilities...

6.2CVSS5.8AI score0.00112EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•3 views

GMA-SAWGAN-GP: A Novel Data Generative Framework to Enhance IDS Detection Performance

Intrusion Detection System IDS is often calibrated to known attacks and generalizes poorly to unknown threats. This paper proposes GMA-SAWGAN-GP, a novel generative augmentation framework built on a Self-Attention-enhanced Wasserstein GAN with Gradient Penalty WGAN-GP. The generator employs...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•2 views

Label-Efficient Training Updates for Malware Detection over Time

Machine Learning ML-based detectors are becoming essential to counter the proliferation of malware. However, common ML algorithms are not designed to cope with the dynamic nature of real-world settings, where both legitimate and malicious software evolve. This distribution drift causes models...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•6 views

Software Vulnerability Detection Using a Lightweight Graph Neural Network

Large Language Models LLMs have emerged as a popular choice in vulnerability detection studies given their foundational capabilities, open source availability, and variety of models, but have limited scalability due to extensive compute requirements. Using the natural graph relational structure o...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•13 views

libfuse Use-After-Free / NULL Pointer Dereference

Two memory safety vulnerabilities in libfuse's iouring code path introduced in 3.18.0 have been fixed in libfuse 3.18.2. Only the iouring transport is affected; the traditional /dev/fuse path is not. One is a use-after-free in the iouring session shutdown path. A local user can crash the FUSE...

7.8CVSS6.1AI score0.0031EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•3 views

Empowering Mobile Networks Security Resilience by Using Post-Quantum Cryptography

The transition to a cloud-native 5G Service-Based Architecture SBA improves scalability but exposes control-plane signaling to emerging quantum threats, including Harvest-Now, Decrypt-Later HNDL attacks. While NIST has standardized post-quantum cryptography PQC, practical, deployable integration ...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•42 views

Debt behind the AI Boom: A Large-Scale Empirical Study of AI-Generated Code in the Wild

AI coding assistants are now widely used in software development. Software developers increasingly integrate AI-generated code into their codebases to improve productivity. Prior studies have shown that AI-generated code may contain code quality issues under controlled settings. However, we still...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•6 views

Apple Security Advisory 03-24-2026-9

Apple Security Advisory 03-24-2026-9 - Safari 26.4 addresses bypass vulnerabilities...

6.5CVSS5.8AI score0.0072EPSS
Exploits2
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•3 views

Design Principles for the Construction of a Benchmark Evaluating Security Operation Capabilities of Multi-Agent AI Systems

As Large Language Models LLMs and multi-agent AI systems are demonstrating increasing potential in cybersecurity operations, organizations, policymakers, model providers, and researchers in the AI and cybersecurity communities are interested in quantifying the capabilities of such AI systems to...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•6 views

Why Aggregate Accuracy Is Inadequate for Evaluating Fairness in Law Enforcement Facial Recognition Systems

Facial recognition systems are increasingly deployed in law enforcement and security contexts, where algorithmic decisions can carry significant societal consequences. Despite high reported accuracy, growing evidence demonstrates that such systems often exhibit uneven performance across demograph...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•6 views

Apple Security Advisory 03-24-2026-8

Apple Security Advisory 03-24-2026-8 - visionOS 26.4 addresses bypass, information leakage, null pointer, out of bounds access, and use-after-free vulnerabilities...

9.3CVSS5.8AI score0.00865EPSS
Exploits6
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•4 views

Apple Security Advisory 03-24-2026-5

Apple Security Advisory 03-24-2026-5 - macOS Sonoma 14.8.5 addresses information leakage, integer overflow, null pointer, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities...

9.3CVSS5.8AI score0.01527EPSS
Exploits3
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•2 views

Apple Security Advisory 03-24-2026-3

Apple Security Advisory 03-24-2026-3 - macOS Tahoe 26.4 addresses buffer overflow, bypass, information leakage, null pointer, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities...

9.3CVSS6AI score0.01527EPSS
Exploits6
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•4 views

Apple Security Advisory 03-24-2026-1

Apple Security Advisory 03-24-2026-1 - iOS 26.4 and iPadOS 26.4 addresses buffer overflow, bypass, information leakage, null pointer, out of bounds access, and use-after-free vulnerabilities...

9.8CVSS6AI score0.00865EPSS
Exploits7
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•4 views

Apple Security Advisory 03-24-2026-7

Apple Security Advisory 03-24-2026-7 - watchOS 26.4 addresses information leakage, null pointer, out of bounds access, and use-after-free vulnerabilities...

7.8CVSS5.8AI score0.00865EPSS
Exploits4
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•2 views

Apple Security Advisory 03-24-2026-6

Apple Security Advisory 03-24-2026-6 - tvOS 26.4 addresses information leakage, null pointer, out of bounds access, and use-after-free vulnerabilities...

7.8CVSS5.8AI score0.00865EPSS
Exploits4
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•4 views

Apple Security Advisory 03-24-2026-4

Apple Security Advisory 03-24-2026-4 - macOS Sequoia 15.7.5 addresses information leakage, integer overflow, null pointer, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities...

9.3CVSS5.8AI score0.01527EPSS
Exploits4
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•5 views

Study of Post Quantum Status of Widely Used Protocols

The advent of quantum computing poses significant threats to classical public-key cryptographic primitives such as RSA and elliptic-curve cryptography. As many critical network and security protocols depend on these primitives for key exchange and authentication, there is an urgent need to...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•13 views

Safeguarding LLMs against Misuse and AI-Driven Malware Using Steganographic Canaries

AI-powered malware increasingly exploits cloud-hosted generative-AI services and large language models LLMs as analysis engines for reconnaissance and code generation. Simultaneously, enterprise uploads expose sensitive documents to third-party AI vendors. Both threats converge at the AI service...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/30 12:0 a.m.•5 views

Apple Security Advisory 03-24-2026-2

Apple Security Advisory 03-24-2026-2 - iOS 18.7.7 and iPadOS 18.7.7 addresses bypass, null pointer, out of bounds access, and use-after-free vulnerabilities...

7.5CVSS5.8AI score0.00865EPSS
Exploits5
Packet Storm News
Packet Storm News
•added 2026/03/29 12:0 a.m.•4 views

Secure Reinforcement Learning: On Model-Free Detection of Man in the Middle Attacks

We consider the problem of learning-based man-in-the-middle MITM attacks in cyber-physical systems CPS, and extend our previously proposed Bellman Deviation Detection BDD framework for model-free reinforcement learning RL. We refine the standard MDP attack model by allowing the reward function to...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/29 12:0 a.m.•16 views

Policy-Driven Vulnerability Risk Quantification Framework for Large-Scale Cloud Infrastructure Data Security

The exponential growth of Common Vulnerabilities and Exposures CVE disclosures poses significant challenges for enterprise security management, necessitating automated and quantitative risk assessment methodologies. Existing vulnerability analysis approaches suffer from three critical limitations...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/29 12:0 a.m.•3 views

A Systematic Taxonomy of Security Vulnerabilities in the OpenClaw AI Agent Framework

AI agent frameworks connecting large language model LLM reasoning to host execution surfaces--shell, filesystem, containers, and messaging--introduce security challenges structurally distinct from conventional software. We present a systematic taxonomy of 190 advisories filed against OpenClaw, an...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/29 12:0 a.m.•6 views

Hidden Ads: Behavior Triggered Semantic Backdoors for Advertisement Injection in Vision Language Models

Vision-Language Models VLMs are increasingly deployed in consumer applications where users seek recommendations about products, dining, and services. We introduce Hidden Ads, a new class of backdoor attacks that exploit this recommendation-seeking behavior to inject unauthorized advertisements...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/28 12:0 a.m.•5 views

Red-MIRROR: Agentic LLM-Based Autonomous Penetration Testing with Reflective Verification and Knowledge-Augmented Interaction

Web applications remain the dominant attack surface in cybersecurity, where vulnerabilities such as SQL injection, XSS, and business logic flaws continue to cause significant data breaches. While penetration testing is effective for identifying these weaknesses, traditional manual approaches are...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/28 12:0 a.m.•17 views

Context-Aware Phishing Email Detection Using Machine Learning and NLP

Phishing attacks remain among the most prevalent cybersecurity threats, causing significant financial losses for individuals and organizations worldwide. This paper presents a machine learning-based phishing email detection system that analyzes email body content using natural language processing...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/28 12:0 a.m.•14 views

Quantum Bit Error Rate Analysis in BB84 Quantum Key Distribution: Measurement, Statistical Estimation, and Eavesdropping Detection

Quantum Key Distribution QKD provides information-theoretic security by exploiting the principles of quantum mechanics. Among QKD protocols, the BB84 scheme remains the most widely adopted for both theoretical research and practical implementation. A critical parameter determining the reliability...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/28 12:0 a.m.•6 views

SafeClaw-R: Towards Safe and Secure Multi-Agent Personal Assistants

LLM-based multi-agent systems MASs are transforming personal productivity by autonomously executing complex, cross-platform tasks. Frameworks such as OpenClaw demonstrate the potential of locally deployed agents integrated with personal data and services, but this autonomy introduces significant...

6.3AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/28 12:0 a.m.•40 views

Finding Memory Leaks in C/C++ Programs Via Neuro-Symbolic Augmented Static Analysis

Memory leaks remain prevalent in real-world C/C++ software. Static analyzers such as CodeQL provide scalable program analysis but frequently miss such bugs because they cannot recognize project-specific custom memory-management functions and lack path-sensitive control-flow modeling. We present...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/27 12:0 a.m.•19 views

Detecting Protracted Vulnerabilities in Open Source Projects

Timely resolution and disclosure of vulnerabilities are essential for maintaining the security of open-source software. However, many vulnerabilities remain unreported, unpatched, or undisclosed for extended periods, exposing users to prolonged security threats. While various vulnerability...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/27 12:0 a.m.•9 views

Nmap Port Scanner 7.99

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols UDP, TCP, ICMP, etc...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/27 12:0 a.m.•26 views

Clawed and Dangerous: Can We Trust Open Agentic Systems?

Open agentic systems combine LLM-based planning with external capabilities, persistent memory, and privileged execution. They are used in coding assistants, browser copilots, and enterprise automation. OpenClaw is a visible instance of this broader class. Without much attention yet, their securit...

6.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/27 12:0 a.m.•4 views

vulnx 2.0.1

vulnx is a command-line interface CLI tool designed to provide a structured and easily navigable interface to various vulnerability databases...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/27 12:0 a.m.•4 views

Stegano 2.4.1

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit LSB technique. It is possible to use a more advanced LSB method based on integers sets. The sets Sieve of...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/27 12:0 a.m.•2 views

SPARK: Secure Predictive Autoscaling for Robust Kubernetes

Achieving high availability and robust security in Kubernetes requires more than reactive scaling and standard perimeter firewalls. Traditional autoscalers, such as HPA, often fail to react quickly to traffic spikes and cannot distinguish between legitimate flash crowds and DDoS attacks. We prese...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/27 12:0 a.m.•3 views

Machine Learning Transferability for Malware Detection

Malware continues to be a predominant operational risk for organizations, especially when obfuscation techniques are used to evade detection. Despite the ongoing efforts in the development of Machine Learning ML detection approaches, there is still a lack of feature compatibility in public...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/27 12:0 a.m.•9 views

strongSwan CVE-2026-25075 Vulnerability Assessment Tool

This tool allows you to safely detect whether a strongSwan VPN server is vulnerable to CVE-2026-25075 without causing any disruption. CVE-2026-25075 is an integer underflow vulnerability in strongSwan's EAP-TTLS plugin that allows remote, unauthenticated attackers to crash the IKE daemon through ...

8.7CVSS5.9AI score0.01013EPSS
Exploits2
Packet Storm News
Packet Storm News
•added 2026/03/26 12:0 a.m.•3 views

A Large-Scale Empirical Study on the Generalizability of Disclosed Java Library Vulnerability Exploits

Open-source software supply chain security relies heavily on assessing affected versions of library vulnerabilities. While prior studies have leveraged exploits for verifying vulnerability affected versions, they point out a key limitation that exploits are version-specific and cannot be directly...

6.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/26 12:0 a.m.•5 views

FreeBSD Security Advisory - FreeBSD-SA-26:07.nvmf

FreeBSD Security Advisory - On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID...

7.5CVSS5.9AI score0.00367EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/26 12:0 a.m.•5 views

PIDP-Attack: Combining Prompt Injection with Database Poisoning Attacks on Retrieval-Augmented Generation Systems

Large Language Models LLMs have demonstrated remarkable performance across a wide range of applications. However, their practical deployment is often hindered by issues such as outdated knowledge and the tendency to generate hallucinations. To address these limitations, Retrieval-Augmented...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/26 12:0 a.m.•6 views

TOR Virtual Network Tunneling Tool 0.4.9.6

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/26 12:0 a.m.•4 views

Unicornscan 0.4.52

Unicornscan is an information gathering and correlation engine built for and by members of the security research and testing communities. It was designed to provide an engine that is Scalable, Accurate, Flexible, and Efficient. It is released for the community to use under the terms of the GPL...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/26 12:0 a.m.•5 views

vulnx 2.0.0

vulnx is a command-line interface CLI tool designed to provide a structured and easily navigable interface to various vulnerability databases...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/26 12:0 a.m.•6 views

Usability of Passwordless Authentication in Wi-Fi Networks: A Comparative Study of Passkeys and Passwords in Captive Portals

Passkeys have recently emerged as a passwordless authentication mechanism, yet their usability in captive portals remains unexplored. This paper presents an empirical, comparative usability study of passkeys and passwords in a Wi-Fi hotspot using a captive portal. We conducted a controlled...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/26 12:0 a.m.•4 views

WPProbe Plugin Enumeration Tool 0.11.3

A fast WordPress plugin and theme scanner that detects installed plugins via REST API enumeration and themes from HTML discovery, then maps them to known vulnerabilities. Over 5,000 plugins detectable without brute-force, thousands more with it...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/26 12:0 a.m.•6 views

Beyond Content Safety: Real-Time Monitoring for Reasoning Vulnerabilities in Large Language Models

Large language models LLMs increasingly rely on explicit chain-of-thought CoT reasoning to solve complex tasks, yet the safety of the reasoning process itself remains largely unaddressed. Existing work on LLM safety focuses on content safety--detecting harmful, biased, or factually incorrect...

6.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/26 12:0 a.m.•7 views

Kardashev Scale Quantum Computing for Bitcoin Mining

Bitcoin already faces a quantum threat through Shor attacks on elliptic-curve signatures. This paper isolates the other component that public discussion often conflates with it: mining. Grover's algorithm halves the exponent of brute-force search, promising a quadratic edge to any quantum miner o...

5.9AI score
Exploits0
Total number of security vulnerabilities6803