Lucene search
K
PacketstormnewsRecent

6803 matches found

Packet Storm News
Packet Storm News
•added 2026/03/04 12:0 a.m.•4 views

ShieldBypass: On the Persistence of Impedance Leakage beyond EM Shielding

Electromagnetic EM shielding is widely used to suppress radiated emissions and limit passive EM side-channel leakage. However, shielding does not address active probing, where an adversary injects external radio-frequency RF signals and observes the device's reflective response. This work studies...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/04 12:0 a.m.•4 views

Impact of 5G SA Logical Vulnerabilities on UAV Communications: Threat Models and Testbed Evaluation

This paper examines how logical vulnerabilities in 5G Standalone networks affect UAV command and control communication. The study looks at three attacker positions in the architecture: a malicious user equipment UE connected to the same logical network as the UAV, an attacker with access to the 5...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/03 12:0 a.m.•3 views

Regenerator 2000

Regenerator 2000 is an interactive disassembler for the CPU 6502, focused mostly on Commodore 8-bit computers. Features a TUI with modern features like x-ref, undo/redo, arrows, keyboard-driven, mcp server, VICE debugger and more! This is the coolest thing we have added to the archive today...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/03 12:0 a.m.•4 views

STARDIS: Strategic Scheduling and Deceptive Signaling for Satellite Intrusion Detection System Deployment

Satellite communication networks operate under stringent computational constraints and are susceptible to sophisticated cyberattacks. This paper introduces a novel defense framework that decouples security optimization into ground-based analysis and onboard real-time execution. In the long-term...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/03 12:0 a.m.•9 views

Recovery-Induced Erasure Attack on QKD Systems

Detector dead time is typically treated as a fixed parameter in quantum key distribution QKD security analyses. In practice, however, the effective recovery time of single-photon avalanche photodiodes SPADs depends on the incident count rate. In this work, we demonstrate that this...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/03 12:0 a.m.•13 views

Gravity Falls: A Comparative Analysis of Domain-Generation Algorithm (DGA) Detection Methods for Mobile Device Spearphishing

Mobile devices are frequent targets of eCrime threat actors through SMS spearphishing smishing links that leverage Domain Generation Algorithms DGA to rotate hostile infrastructure. Despite this, DGA research and evaluation largely emphasize malware C2 and email phishing datasets, leaving limited...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/03 12:0 a.m.•5 views

Google Chrome 145.0.7632.117 WebGPU Tint Security Test

This is a proof of concept designed to test how the WebGPU Tint compiler handles an out-of-bounds memory access attempt in WGSL. The shader intentionally uses an invalid array index to simulate an out-of-bounds write operation. The purpose is to observe whether WebGPU validation, sandboxing, and...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/03 12:0 a.m.•4 views

Multi-Agent Honeypot-Based Request-Response Context Dataset for Improved SQL Injection Detection Performance

SQL injection remains a major threat to web applications, as existing defenses often fail against obfuscation and evolving attacks because of neglecting the request-response context. This paper presents a context-enriched SQL injection detection framework, focusing on constructing a high-quality...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/03 12:0 a.m.•5 views

Internet Malware Propagation: Dynamics and Control through SEIRV Epidemic Model with Relapse and Intervention

Malware attacks in today's vast digital ecosystem pose a serious threat. Understanding malware propagation dynamics and designing effective control strategies are therefore essential. In this work, we propose a generic SEIRV model formulated using ordinary differential equations to study malware...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/03 12:0 a.m.•17 views

DKD-KAN: A Lightweight Knowledge-Distilled KAN Intrusion Detection Framework, Based on MLP and KAN

Cyber-security systems often operate in resource-constrained environments, such as edge environments and real-time monitoring systems, where model size and inference time are crucial. A light-weight intrusion detection framework is proposed that utilizes the Kolmogorov-Arnold Network KAN to captu...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/03 12:0 a.m.•6 views

Scores Know Bobs Voice: Speaker Impersonation Attack

Advances in deep learning have enabled the widespread deployment of speaker recognition systems SRSs, yet they remain vulnerable to score-based impersonation attacks. Existing attacks that operate directly on raw waveforms require a large number of queries due to the difficulty of optimizing in...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/03 12:0 a.m.•3 views

Blockchain Communication Vulnerabilities

Blockchains are diverse in the way they handle communications between their nodes to disseminate information, mitigate attacks, and agree on the next block. While security vulnerabilities have been identified, they rely on an attack custom-made for a specific blockchain communication protocol. To...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/03 12:0 a.m.•41 views

Kraken: Higher-Order EM Side-Channel Attacks on DNNs in near and Far Field

The multi-million dollar investment required for modern machine learning ML has made large ML models a prime target for theft. In response, the field of model stealing has emerged. Attacks based on physical side-channel information have shown that DNN model extraction is feasible, even on CUDA...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/02 12:0 a.m.•16 views

Exploiting PendingIntent Provenance Confusion to Spoof Android SDK Authentication

A single authentication bypass in a partner SDK grants attackers the identity of every partner in the ecosystem -- and millions of apps use SDKs with exactly this vulnerability. OWASP's 2024 Mobile Top 10 ranks Inadequate Supply Chain Security as the second most critical mobile risk, explicitly...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/02 12:0 a.m.•3 views

WordPress Slider‑Future 1.0.5 Exposure Scanner

This Metasploit auxiliary module is designed to detect exposure of the WordPress Slider‑Future plugin REST endpoint at /wp-json/slider-future/v1/upload-image/. The module performs a non-intrusive HTTP request OPTIONS method to determine whether the endpoint is accessible. It does not upload files...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/02 12:0 a.m.•12 views

Extending the Formalism and Theoretical Foundations of Cryptography to AI

Recent progress in Large Language Models LMs has enabled the development of autonomous LM-based agents capable of executing complex tasks with minimal supervision. These agents have started to be integrated into systems with significant autonomy and authority. The security community has been...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/02 12:0 a.m.•9 views

Comparison of Credential Management Systems Based on the Standards of IEEE, ETSI, and YD/T 3957-2021

As V2X Vehicle-to-Everything technology becomes increasingly prevalent, the security of V2X networks has garnered growing attention worldwide. In North America, the IEEE 1609 series standards are primarily used, while Europe adopts the ETSI series standards, and China has also established its...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/02 12:0 a.m.•3 views

SDN-SYN PoW: Intent-Aware Adaptive SDN Defense with PoW against Multi-Domain SYN Floods

The stability of Internet services is persistently challenged by the escalating scale of volumetric TCP SYN floods, as conventional defenses like SYN Cookies fail by exacerbating bandwidth depletion under modern attacks. This paper introduces SDN-SYN PoW, a novel defense architecture that...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/02 12:0 a.m.•5 views

Can LLMs Hack Enterprise Networks? -- Replicated Computational Results (RCR) Report

This is the Replicated Computational Results RCR Report for the paper "Can LLMs Hack Enterprise Networks?" The paper empirically investigates the efficacy and effectiveness of different LLMs for penetration-testing enterprise networks, i.e., Microsoft Active Directory Assumed-Breach Simulations...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/02 12:0 a.m.•3 views

Tinc Virtual Private Network Daemon 1.0.37

tinc is a Virtual Private Network VPN daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/02 12:0 a.m.•7 views

Phishing the Phishers with SpecularNet: Hierarchical Graph Autoencoding for Reference-Free Web Phishing Detection

Phishing remains the most pervasive threat to the Web, enabling large-scale credential theft and financial fraud through deceptive webpages. While recent reference-based and generative-AI-driven phishing detectors achieve strong accuracy, their reliance on external knowledge bases, cloud services...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/02 12:0 a.m.•14 views

TraceGuard: Process-Guided Firewall against Reasoning Backdoors in Large Language Models

The deployment of Large Reasoning Models LRMs in high-stakes decision-making pipelines has introduced a novel and opaque attack surface: reasoning backdoors. In these attacks, the model's intermediate Chain-of-Thought CoT is manipulated to provide a linguistically plausible but logically fallacio...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/02 12:0 a.m.•57 views

ZeroDayBench: Evaluating LLM Agents on Unseen Zero-Day Vulnerabilities for Cyberdefense

Large language models LLMs are increasingly being deployed as software engineering agents that autonomously contribute to repositories. A major benefit these agents present is their ability to find and patch security vulnerabilities in the codebases they oversee. To estimate the capability of...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/02 12:0 a.m.•3 views

ClawShield 1.0.0

ClawShield is a security proxy for AI agents. It scans all inbound and outbound messages for prompt injection, PII leaks, and secrets...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/01 12:0 a.m.•3 views

Power Network SCADA Quantum Communications: A Comparison of BB84, B92, E91, and SGS04 Quantum Key Distribution Protocols

The current state, emerging trends, and practical challenges of optical fiber-based power network SCADA quantum communication must be addressed to fully utilise the technological platform's potential in real-world power system SCADA communications involving massive volumes of real-time data, as...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/01 12:0 a.m.•2 views

Quantifying Frontier LLM Capabilities for Container Sandbox Escape

Large language models LLMs increasingly act as autonomous agents, using tools to execute code, read and write files, and access networks, creating novel security risks. To mitigate these risks, agents are commonly deployed and evaluated in isolated "sandbox" environments, often implemented using...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/01 12:0 a.m.•4 views

QSpy: A Quantum RAT for Circuit Spying and IP Theft

As quantum computing platforms increasingly adopt cloud-based execution, users submit quantum circuits to remote compilers and backends, trusting that what they submit is exactly what will be run. This shift introduces new trust assumptions in the submission pipeline, which remain largely...

6.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/01 12:0 a.m.•6 views

A Systematic Study of LLM-Based Architectures for Automated Patching

Large language models LLMs have shown promise for automated patching, but their effectiveness depends strongly on how they are integrated into patching systems. While prior work explores prompting strategies and individual agent designs, the field lacks a systematic comparison of patching...

6.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/01 12:0 a.m.•5 views

Jailbreaking Embodied LLMs Via Action-Level Manipulation

Embodied Large Language Models LLMs enable AI agents to interact with the physical world through natural language instructions and actions. However, beyond the language-level risks inherent to LLMs themselves, embodied LLMs with real-world actuation introduce a new vulnerability: instructions tha...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/01 12:0 a.m.•18 views

On the Practical Feasibility of Harvest-Now, Decrypt-Later Attacks

Harvest-now, decrypt-later HN-DL attacks threaten today's encrypted communications by archiving ciphertext until a quantum computer can break the underlying key exchange. This paper reframes HN-DL as an economic problem, quantifying adversary costs across Transport Layer Security TLS 1.2, TLS 1.3...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/01 12:0 a.m.•10 views

VEcho: A Paradigm Shift from Vulnerability Verification to Proactive Discovery with Large Language Models

Static Application Security Testing SAST tools often suffer from high false positive rates, leading to alert fatigue that consumes valuable auditing resources. Recent efforts leveraging Large Language Models LLMs as filters offer limited improvements; however, these methods treat LLMs as passive,...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/01 12:0 a.m.•4 views

Extending Adaptive Cruise Control with Machine Learning Intrusion Detection Systems

An Adaptive Cruise Control ACC system automatically adjusts the host vehicle's speed to maintain a safe following distance from a lead vehicle. In typical implementations, a feedback controller e.g., a Proportional-Integral-Derivative PID controller computes the host vehicle's acceleration using ...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/01 12:0 a.m.•3 views

ATLAS: AI-Assisted Threat-To-Assertion Learning for System-On-Chip Security Verification

This work presents ATLAS, an LLM-driven framework that bridges standardized threat modeling and property-based formal verification for System-on-Chip SoC security. Starting from vulnerability knowledge bases such as Common Weakness Enumeration CWE, ATLAS identifies SoC-specific assets, maps...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/03/01 12:0 a.m.•30 views

AWE: Adaptive Agents for Dynamic Web Penetration Testing

Modern web applications are increasingly produced through AI-assisted development and rapid no-code deployment pipelines, widening the gap between accelerating software velocity and the limited adaptability of existing security tooling. Pattern-driven scanners fail to reason about novel contexts,...

6.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/02/28 12:0 a.m.•6 views

AMDS: Attack-Aware Multi-Stage Defense System for Network Intrusion Detection with Two-Stage Adaptive Weight Learning

Machine learning based network intrusion detection systems are vulnerable to adversarial attacks that degrade classification performance under both gradient-based and distribution shift threat models. Existing defenses typically apply uniform detection strategies, which may not account for...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/02/28 12:0 a.m.•9 views

Time Stepped Cyber Physical Simulation of DoS, DoD, and FDI Attacks on the IEEE 14 Bus System

Reliable grid operation depends on accurate and timely telemetry, making modern power systems vulnerable to communication layer cyberattacks. This paper evaluates how Denial of Service DoS, Denial of Data DoD, and False Data Injection FDI attacks disrupt the IEEE 14 bus system using a MATLAB only...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/02/28 12:0 a.m.•4 views

How the Graph Construction Technique Shapes Performance in IoT Botnet Detection

The increasing incidence of IoT-based botnet attacks has driven interest in advanced learning models for detection. Recent efforts have focused on leveraging attention mechanisms to model long-range feature dependencies and Graph Neural Networks GNNs to capture relationships between data instance...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/02/28 12:0 a.m.•4 views

Atomicity for Agents: Exposing, Exploiting, and Mitigating TOCTOU Vulnerabilities in Browser-Use Agents

Browser-use agents are widely used for everyday tasks. They enable automated interaction with web pages through structured DOM based interfaces or vision language models operating on page screenshots. However, web pages often change between planning and execution, causing agents to execute action...

6.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/02/28 12:0 a.m.•7 views

IU: Imperceptible Universal Backdoor Attack

Backdoor attacks pose a critical threat to the security of deep neural networks, yet existing efforts on universal backdoors often rely on visually salient patterns, making them easier to detect and less practical at scale. In this work, we introduce a novel imperceptible universal backdoor attac...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/02/28 12:0 a.m.•5 views

Clawdrain: Exploiting Tool-Calling Chains for Stealthy Token Exhaustion in OpenClaw Agents

Modern generative agents such as OpenClaw - an open-source, self-hosted personal assistant with a community skill ecosystem, are gaining attention and are used pervasively. However, the openness and rapid growth of these ecosystems often outpace systematic security evaluation. In this paper, we...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/02/28 12:0 a.m.•5 views

Security Is Not Enough: Privacy in Encryption Regulation and Lawful-Surveillance Protocols

This article argues that security is not enough to fully capture what is at stake in government exceptional access to encrypted data. A conception of privacy as security has little to say about "lawful-surveillance protocols'' -- an active research agenda in cryptography that aims to enable...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/02/27 12:0 a.m.•9 views

Quantifying Catastrophic Forgetting in IoT Intrusion Detection Systems

Distribution shifts in attack patterns within RPL-based IoT networks pose a critical threat to the reliability and security of large-scale connected systems. Intrusion Detection Systems IDS trained on static datasets often fail to generalize to unseen threats and suffer from catastrophic forgetti...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/02/27 12:0 a.m.•17 views

BeyondTrust RS 25.3.1 PRA/RS Mass Scanner

This Metasploit module is a safe auxiliary scanner for the Metasploit Framework designed to identify potentially vulnerable deployments of BeyondTrust Privileged Remote Access and BeyondTrust Remote Support that are susceptible to CVE-2026-1731...

9.9CVSS6.1AI score0.88115EPSS
Exploits11
Packet Storm News
Packet Storm News
•added 2026/02/27 12:0 a.m.•6 views

Jailbreak Foundry: From Papers to Runnable Attacks for Reproducible Benchmarking

Jailbreak techniques for large language models LLMs evolve faster than benchmarks, making robustness estimates stale and difficult to compare across papers due to drift in datasets, harnesses, and judging protocols. We introduce JAILBREAK FOUNDRY JBF, a system that addresses this gap via a...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/02/27 12:0 a.m.•6 views

Exploring Robust Intrusion Detection: A Benchmark Study of Feature Transferability in IoT Botnet Attack Detection

Cross-domain intrusion detection remains a critical challenge due to significant variability in network traffic characteristics and feature distributions across environments. This study evaluates the transferability of three widely used flow-based feature sets Argus, Zeek and CICFlowMeter across...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/02/27 12:0 a.m.•2 views

Neurosymbolic Learning for Advanced Persistent Threat Detection under Extreme Class Imbalance

The growing deployment of Internet of Things IoT devices in smart cities and industrial environments increases vulnerability to stealthy, multi-stage advanced persistent threats APTs that exploit wireless communication. Detection is challenging due to severe class imbalance in network traffic,...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/02/27 12:0 a.m.•6 views

Empowering Future Cybersecurity Leaders: Advancing Students through FINDS Education for Digital Forensic Excellence

The Forensics Investigations Network in Digital Sciences FINDS Research Center of Excellence CoE, funded by the U.S. Army Research Laboratory, advances Digital Forensic Engineering Education DFEE through an integrated research education framework for AI enabled cybersecurity workforce development...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/02/27 12:0 a.m.•10 views

Formal Analysis and Supply Chain Security for Agentic AI Skills

The rapid proliferation of agentic AI skill ecosystems -- exemplified by OpenClaw 228,000 GitHub stars and Anthropic Agent Skills 75,600 stars -- has introduced a critical supply chain attack surface. The ClawHavoc campaign January-February 2026 infiltrated over 1,200 malicious skills into the...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/02/27 12:0 a.m.•4 views

Darktrace Annual Threat Report 2026

The Darktrace Annual Threat Report 2026 reinforces a reality every CISO feels: the center of gravity isn't the perimeter, vulnerability management, or malware, but trust abused via identity. Their analysis found that nearly 70% of incidents in the Americas region begin with stolen or misused...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/02/26 12:0 a.m.•6 views

ThreatFormer-IDS: Robust Transformer Intrusion Detection with Zero-Day Generalization and Explainable Attribution

Intrusion detection in IoT and industrial networks requires models that can detect rare attacks at low false-positive rates while remaining reliable under evolving traffic and limited labels. Existing IDS solutions often report strong in-distribution accuracy, but they may degrade when evaluated ...

5.9AI score
Exploits0
Total number of security vulnerabilities6803