Lucene search
K
PacketstormnewsRecent

6803 matches found

Packet Storm News
Packet Storm News
added 2026/03/16 12:0 a.m.3 views

Cross-Scale Persistence Analysis of EM Side-Channels for Reference-Free Detection of Always-On Hardware Trojans

Always-on hardware Trojans pose a serious challenge to integrated circuit trust, as they remain active during normal operation and are difficult to detect in post-deployment settings without trusted golden references. This paper presents a reference-free detection framework based on cross-scale...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/16 12:0 a.m.3 views

Botan C++ Crypto Algorithms Library 3.11.0

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS 10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/16 12:0 a.m.3 views

Stegano 2.3.0

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit LSB technique. It is possible to use a more advanced LSB method based on integers sets. The sets Sieve of...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/16 12:0 a.m.5 views

ClawWorm: Self-Propagating Attacks across LLM Agent Ecosystems

Autonomous LLM-based agents increasingly operate as long-running processes forming densely interconnected multi-agent ecosystems, whose security properties remain largely unexplored. In particular, OpenClaw, an open-source platform with over 40,000 active instances, has stood out recently with it...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/15 12:0 a.m.4 views

Toward Secure Web to ERP Payment Flows: A Case Study of HTTP Header Trust Failures in SAP Based Systems

Electronic banking portals often sit in front of enterprise resource planning ERP systems such as SAP, mediating payment requests between users and back end financial infrastructure. When these integrations place excessive trust in client supplied HTTP metadata, subtle design flaws can arise that...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/15 12:0 a.m.8 views

When Scanners Lie: Evaluator Instability in LLM Red-Teaming

Automated LLM vulnerability scanners are increasingly used to assess security risks by measuring different attack type success rates ASR. Yet the validity of these measurements hinges on an often-overlooked component: the evaluator who determines whether an attack has succeeded. In this study, we...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/15 12:0 a.m.4 views

Activation Surgery: Jailbreaking White-Box LLMs without Touching the Prompt

Most jailbreak techniques for Large Language Models LLMs primarily rely on prompt modifications, including paraphrasing, obfuscation, or conversational strategies. Meanwhile, abliteration techniques also known as targeted ablations of internal components have been used to study and explain LLM...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/14 12:0 a.m.3 views

Mining the YARA Ecosystem: From Ad-Hoc Sharing to Data-Driven Threat Intelligence

YARA has established itself as the de facto standard for "Detection as Code," enabling analysts and DevSecOps practitioners to define signatures for malware identification across the software supply chain. Despite its pervasive use, the open-source YARA ecosystem remains characterized by ad-hoc...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/14 12:0 a.m.4 views

Experimental Evaluation of Security Attacks on Self-Driving Car Platforms

Deep learning-based perception pipelines in autonomous ground vehicles are vulnerable to both adversarial manipulation and network-layer disruption. We present a systematic, on-hardware experimental evaluation of five attack classes: FGSM, PGD, man-in-the-middle MitM, denial-of-service DoS, and...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/13 12:0 a.m.3 views

Apple Security Advisory 03-11-2026-1

Apple Security Advisory 03-11-2026-1 - iOS 16.7.15 and iPadOS 16.7.15 addresses memory corruption issues...

8.8CVSS6.8AI score0.00885EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/13 12:0 a.m.4 views

Graph Neural Network-Based DDoS Protection for Data Center Infrastructure

In light of rising cybersecurity threats, data center providers face growing pressure to protect their own management infrastructure from Distributed Denial-of-Service DDoS attacks. While tenant-managed cages generally fall outside the data center's direct security purview, a successful DDoS...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/13 12:0 a.m.4 views

Apple Security Advisory 03-11-2026-2

Apple Security Advisory 03-11-2026-2 - iOS 15.8.7 and iPadOS 15.8.7 addresses code execution and use-after-free vulnerabilities...

8.8CVSS7.4AI score0.10593EPSS
Exploits10
Packet Storm News
Packet Storm News
added 2026/03/13 12:0 a.m.4 views

Windows File Explorer NTLM Forced Authentication Hash Disclosure 1.0

Windows File Explorer contains persistent forced authentication behavior that automatically transmits NTLM challenge-response hashes to remote SMB/WebDAV endpoints during routine file operations, enabling credential theft and potential domain compromise through NTLM relay attacks. This is not an...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/13 12:0 a.m.3 views

Microsoft Windows Registry Editor Version 5.00 Malicious Registry File Generator

This script generates a malicious Windows Registration Entries .reg file designed to establish persistence on Windows systems. It creates a registry file that, when executed by a user, adds the attacker's payload to Windows auto-run registry keys. Written in PHP...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/13 12:0 a.m.4 views

Quantum CDMA-Based Continuous Variable Quantum Key Distribution Using Chaotic Phase Shifters

We present a quantum code-division multiple-access q-CDMA framework for multiuser continuous-variable quantum key distribution CV-QKD over a shared quantum channel. The proposed architecture employs chaotic phase shifters to encode and decode quantum states, enabling efficient multiplexing and...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/13 12:0 a.m.4 views

FoSAM: Forward Secret Messaging in Ad-Hoc Networks

Apps such as Firechat and Bridgefy have been used during recent protests in Hong Kong and Iran, as they allow communication over ad-hoc wireless networks even when internet access is restricted. However, these apps do not provide sufficient protection as they do not achieve forward secrecy in...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/13 12:0 a.m.5 views

American Fuzzy Lop plus plus 4.40c

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/13 12:0 a.m.5 views

WebGPU Resource Isolation Auditor

This WebGPU security javascript confirms that memory isolation between buffers is fully enforced. It does not exploit any vulnerability but rather demonstrates that behavior is working as expected. It validates that attempts to read or write outside of Buffer A's bounds are safely handled by eith...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/13 12:0 a.m.6 views

OpenSSL Security Advisory 20260313

OpenSSL Security Advisory 20260313 - An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the "DEFAULT" keyword...

5.8AI score0.00435EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/13 12:0 a.m.6 views

Microsoft Windows Image File Execution Options (IFEO) Persistence

This PHP script leverages legitimate Windows debugging features to establish persistent remote access. This technique leverages the Image File Execution Options IFEO registry keys to configure a monitor process that automatically executes when a specified target process exits. Windows allows...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/13 12:0 a.m.10 views

Ransomware and Artificial Intelligence: A Comprehensive Systematic Review of Reviews

This study provides a comprehensive synthesis of Artificial Intelligence AI, especially Machine Learning ML and Deep Learning DL, in ransomware defense. Using a "review of reviews" methodology based on PRISMA, this paper gathers insights on how AI is transforming ransomware detection, prevention,...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/13 12:0 a.m.4 views

Defensible Design for OpenClaw: Securing Autonomous Tool-Invoking Agents

OpenClaw-like agents offer substantial productivity benefits, yet they are insecure by default because they combine untrusted inputs, autonomous action, extensibility, and privileged system access within a single execution loop. We use OpenClaw as an exemplar of a broader class of agents that...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/13 12:0 a.m.6 views

Microsoft Windows Malicious Script File Generator

This PHP script generates a malicious .WSF Windows Script File containing both VBScript and JScript payload blocks. The payload runs arbitrary system commands through WScript.Shell...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/13 12:0 a.m.3 views

Microsoft Windows Service Binary Misconfiguration Tester

This document and included Metasploit module analyze the security risks associated with improper Windows service configurations, specifically focusing on writable service binary paths that may lead to privilege escalation. Note that this condition does not occur on a default Windows installation...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.14 views

Agent Privilege Separation in OpenClaw: A Structural Defense against Prompt Injection

Prompt injection remains one of the most practical attack vectors against LLM-integrated applications. We replicate the Microsoft LLMail-Inject benchmark Greshake et al., 2024 against current generation models running inside OpenClaw, an open source multitool agent platform. Our proposed defense...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.23 views

OpenClaw PRISM: A Zero-Fork, Defense-In-Depth Runtime Security Layer for Tool-Augmented LLM Agents

Tool-augmented LLM agents introduce security risks that extend beyond user-input filtering, including indirect prompt injection through fetched content, unsafe tool execution, credential leakage, and tampering with local control files. We present OpenClaw PRISM, a zero-fork runtime security layer...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.4 views

Microsoft Windows Service Installation Persistence

This is a Microsoft Windows persistent service installer for creating backdoor services that automatically start payloads upon system boot. This tool is designed for authorized penetration testing and security research purposes. This variant from the author is written in PHP...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.3 views

Systematic Security Analysis of the Iridium Satellite Radio Link

The Iridium Low Earth Orbit LEO satellite constellation remains a unique provider of global communications for critical industries, governments, and private users, serving over 2.5 million active subscribers despite recent market competition. In contrast to terrestrial wireless standards such as...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.4 views

Microsoft Windows 11 24H2 NTLM Relay Orchestrator Privilege Escalation

This Metasploit module checks the SMB Signing status on remote targets. If signing is not required, the target is vulnerable to NTLM Relay attacks. It serves as an automated pre-flight check for relay operations...

8.8CVSS5.8AI score0.64987EPSS
Exploits6
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.2 views

nah Claude Code Tool

Claude Code's permission system is allow-or-deny per tool, but that doesn't really scale. Deleting some files is fine sometimes. And git checkout is sometimes catastrophic. Even when you curate permissions, 200 IQ Opus can find a way around it. Maintaining a deny list is a fool’s errand. What's...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.6 views

Microsoft Windows Service Installation Persistence

This Metasploit module creates a persistent Windows service using multiple methods. It supports PowerShell, SC.exe, and WMI methods for service creation...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.36 views

Taming OpenClaw: Security Analysis and Mitigation of Autonomous LLM Agent Threats

Autonomous Large Language Model LLM agents, exemplified by OpenClaw, demonstrate remarkable capabilities in executing complex, long-horizon tasks. However, their tightly coupled instant-messaging interaction paradigm and high-privilege execution capabilities substantially expand the system attack...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.22 views

Security Considerations for Artificial Intelligence Agents

This article, a lightly adapted version of Perplexity's response to NIST/CAISI Request for Information 2025-0035, details our observations and recommendations concerning the security of frontier AI agents. These insights are informed by Perplexity's experience operating general-purpose agentic...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.6 views

Keys on Doormats: Exposed API Credentials on the Web

Application programming interfaces APIs have become a central part of the modern IT environment, allowing developers to enrich the functionality of applications and interact with third parties such as cloud and payment providers. This interaction often occurs through authentication mechanisms tha...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.4 views

RadEar: A Self-Supervised RF Backscatter System for Voice Eavesdropping and Separation

Eavesdropping on voice conversations presents a growing threat to personal privacy and information security. In this paper, we present RadEar, a novel RF backscatter-based system designed to enable covert voice eavesdropping through walls. RadEar consists of two key components: i a batteryless RF...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.5 views

Phrack 73 Call for Papers

Phrack has announced their Call For Papers for Phrack issue 73. If you do cutting edge security research, you should write for Phrack. It is widely regarded as an unparalleled resource in the security community...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.8 views

Internet-Scale Measurement of React2Shell Exploitation Using an Active Network Telescope

The increasing adoption of server-side component-based web frameworks has introduced new application-layer attack surfaces that remain insufficiently understood at Internet scale. On 3 December 2025, a critical remote code execution vulnerability CVE-2025-55182 in React Server Components, referre...

10CVSS7.6AI score0.99562EPSS
Exploits374
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.10 views

Highly Autonomous Cyber-Capable Agents: Anticipating Capabilities, Tactics, and Strategic Implications

This report introduces the concept of "Highly Autonomous Cyber-Capable Agents" HACCAs, AI systems capable of autonomously conducting multi-stage cyber campaigns at a level comparable to today's top criminal hacking groups or state-affiliated threat actors, and analyzes the security implications o...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.4 views

On the Possible Detectability of Image-In-Image Steganography

This paper investigates the detectability of popular imagein-image steganography schemes 1, 2, 3, 4, 5. In this paradigm, the payload is usually an image of the same size as the Cover image, leading to very high embedding rates. We first show that the embedding yields a mixing process that is...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.4 views

AEGIS: No Tool Call Left Unchecked -- a Pre-Execution Firewall and Audit Layer for AI Agents

AI agents increasingly act through external tools: they query databases, execute shell commands, read and write files, and send network requests. Yet in most current agent stacks, model-generated tool calls are handed to the execution layer with no framework-agnostic control point in between...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.12 views

ChainFuzzer: Greybox Fuzzing for Workflow-Level Multi-Tool Vulnerabilities in LLM Agents

Tool-augmented LLM agents increasingly rely on multi-step, multi-tool workflows to complete real tasks. This design expands the attack surface, because data produced by one tool can be persisted and later reused as input to another tool, enabling exploitable source-to-sink dataflows that only...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.3 views

Microsoft Windows 11 Build 26200 File Explorer Auditor

This Metasploit module provides a defensive pre-execution assessment for the Windows vulnerability where File Explorer fails to properly restrict access to sensitive system locations...

7.2CVSS5.8AI score0.0491EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.4 views

Microsoft Windows Active Setup Persistence Module

This Metasploit module leverages the Windows Active Setup mechanism to establish persistence while integrating multiple evasion and stealth techniques designed to reduce forensic visibility and bypass detection mechanisms...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/12 12:0 a.m.5 views

Automatic Attack Script Generation: A MDA Approach

It is widely recognized that practical exercises are crucial for teaching cybersecurity in higher education. However, their setup is not only expensive, time-consuming, and prone to numerous errors, but also requires technical and programming skills to create attack contexts and scripts. To...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/11 12:0 a.m.6 views

Microsoft Graph Enterprise Intelligence Collector

This Metasploit auxiliary module interacts with the Microsoft Graph API to perform enterprise intelligence collection. It supports authentication using Azure AD application credentials or an existing access token and enables enumeration of Azure users, SharePoint sites, OneDrive files, and Exchan...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/11 12:0 a.m.5 views

Multi‑Layer Encrypted Python Payload Loader AES‑GCM + XOR + Zlib

This Python script acts as a loader that decrypts and executes a protected Python payload using multiple cryptographic and obfuscation layers. The program first requests a password from the user and derives a 256‑bit encryption key using PBKDF2 with a fixed salt salt123. The encrypted payload is...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/11 12:0 a.m.10 views

VisualLeakBench: Auditing the Fragility of Large Vision-Language Models against PII Leakage and Social Engineering

As Large Vision-Language Models LVLMs are increasingly deployed in agent-integrated workflows and other deployment-relevant settings, their robustness against semantic visual attacks remains under-evaluated -- alignment is typically tested on explicit harmful content rather than privacy-critical...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/11 12:0 a.m.9 views

MirrorDrift: Actuated Mirror-Based Attacks on LiDAR SLAM

LiDAR SLAM provides high-accuracy localization but is fragile to point-cloud corruption because scan matching assumes geometric consistency. Prior physical attacks on LiDAR SLAM largely rely on LiDAR spoofing via external signal injection, which requires sensor-specific timing knowledge and is...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/11 12:0 a.m.4 views

Don't Let the Claw Grip Your Hand: A Security Analysis and Defense Framework for OpenClaw

Code agents powered by large language models can execute shell commands on behalf of users, introducing severe security vulnerabilities. This paper presents a two-phase security analysis of the OpenClaw platform. As an open-source AI agent framework that operates locally, OpenClaw can be integrat...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/11 12:0 a.m.4 views

Human Presence Detection Via Wi-Fi Range-Filtered Doppler Spectrum on Commodity Laptops

Human Presence Detection HPD is key to enable intelligent power management and security features in everyday devices. In this paper we propose the first HPD solution that leverages monostatic Wi-Fi sensing and detects user position using only the built-in Wi-Fi hardware of a device, with no need...

5.8AI score
Exploits0
Total number of security vulnerabilities6803