Lucene search
K
PacketstormnewsRecent

6803 matches found

Packet Storm News
Packet Storm News
added 2026/02/26 12:0 a.m.22 views

Wireshark Analyzer 4.6.4

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. Thi...

7.5CVSS6AI score0.00184EPSS
Exploits3
Packet Storm News
Packet Storm News
added 2026/02/26 12:0 a.m.5 views

Cryptographic Fragility of Standard Quantum Repeater Protocols

The security of the proposed quantum Internet relies on repeater protocols designed under the assumption of stochastic, characterizable noise. We demonstrate that in adversarial environments this assumption induces performance vulnerabilities for computationally bounded repeater nodes. We show th...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/26 12:0 a.m.21 views

Cybersecurity of Teleoperated Quadruped Robots: A Systematic Survey of Vulnerabilities, Threats, and Open Defense Gaps

Teleoperated quadruped robots are increasingly deployed in safety-critical missions -- industrial inspection, military reconnaissance, and emergency response -- yet the security of their communication and control infrastructure remains insufficiently characterized. Quadrupeds present distinct...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/26 12:0 a.m.5 views

A High-Throughput AES-GCM Implementation on GPUs for Secure, Policy-Based Access to Massive Astronomical Catalogs

The era of large astronomical surveys generates massive image catalogs requiring efficient and secure access, particularly during pre-publication periods where data confidentiality and integrity are paramount. While Findable, Accessible, Interoperable, and Reusable FAIR principles guide the...

6.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/26 12:0 a.m.5 views

RandSet: Randomized Corpus Reduction for Fuzzing Seed Scheduling

Seed explosion is a fundamental problem in fuzzing seed scheduling, where a fuzzer maintains a huge corpus and fails to choose promising seeds. Existing works focus on seed prioritization but still suffer from seed explosion since corpus size remains huge. We tackle this from a new perspective:...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/26 12:0 a.m.16 views

Eve'S Forgery Probability from Her False Acceptance Probability: Interactive Authentication, Holevo Information and the Min-Entropy

We obtain estimates for Eve's forgery probability, namely the probability that she is able to forge a message which Alice or Bob mistakenly accept over a noisy Quantum channel for generating a shared Quantum secret key. This probability is related to Eve's success probability obtained in a previo...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/26 12:0 a.m.5 views

Lifecycle-Integrated Security for AI-Cloud Convergence in Cyber-Physical Infrastructure

The convergence of Artificial Intelligence AI inference pipelines with cloud infrastructure creates a dual attack surface where cloud security standards and AI governance frameworks intersect without unified enforcement mechanisms. AI governance, cloud security, and industrial control system...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/26 12:0 a.m.15 views

Reverse CAPTCHA: Evaluating LLM Susceptibility to Invisible Unicode Instruction Injection

We introduce Reverse CAPTCHA, an evaluation framework that tests whether large language models follow invisible Unicode-encoded instructions embedded in otherwise normal-looking text. Unlike traditional CAPTCHAs that distinguish humans from machines, our benchmark exploits a capability gap: model...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/26 12:0 a.m.7 views

OpenAI - Disrupting Malicious Uses of Our Models

This is the February, 2026 report from OpenAI that discusses their work in disrupting malicious use of their models...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/26 12:0 a.m.4 views

Strengthening Security and Noise Resistance in One-Way Quantum Key Distribution Protocols through Hypercube-Based Quantum Walks

Quantum Key Distribution QKD is a foundational cryptographic protocol that ensures information-theoretic security. However, classical protocols such as BB84, though favored for their simplicity, offer limited resistance to eavesdropping, and perform poorly under realistic noise conditions. Recent...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/26 12:0 a.m.6 views

RTSP Unauthenticated Stream Exposure Checker

This Python script uses the OpenCV library cv2 to test whether an IP camera exposes its RTSP stream without authentication. It attempts to connect to the default RTSP endpoint rtsp://:554/default and checks if the stream can be opened and a video frame retrieved successfully. If the connection...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/26 12:0 a.m.7 views

Blockchain-Enabled Routing for Zero-Trust Low-Altitude Intelligent Networks

Due to the scalability and portability, low-altitude intelligent networks LAINs are essential in various fields such as surveillance and disaster rescue. However, in LAINs, unmanned aerial vehicles UAVs are characterized by the distributed topology and high mobility, thus vulnerable to security...

6.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/26 12:0 a.m.6 views

Splunk Enterprise 8.2.9 / 9.0.2 Vulnerability Scanner

This is a scanner that checks if a Splunk Enterprise system is susceptible to CVE‑2022‑43571, an authenticated remote code execution vulnerability. The vulnerability exists due to insufficient input sanitization in SimpleXML dashboard style parameters such as lineColor or fillColor. When a...

8.8CVSS7.8AI score0.14314EPSS
Exploits5
Packet Storm News
Packet Storm News
added 2026/02/25 12:0 a.m.6 views

APFuzz: Towards Automatic Greybox Protocol Fuzzing

Greybox protocol fuzzing is a random testing approach for stateful protocol implementations, where the input is protocol messages generated from mutations of seeds, and the search in the input space is driven by the feedback on coverage of both code and state. State model and message model are th...

6.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/25 12:0 a.m.5 views

Predicting Known Vulnerabilities from Attack Descriptions Using Sentence Transformers

Modern infrastructures rely on software systems that remain vulnerable to cyberattacks. These attacks frequently exploit vulnerabilities documented in repositories such as MITRE's Common Vulnerabilities and Exposures CVE. However, Cyber Threat Intelligence resources, including MITRE ATT&CK and CV...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/25 12:0 a.m.3 views

Implementation and Transition to Post-Quantum Cryptography of the Minimal IKE Protocol

This paper concerns the Minimal Internet Key Exchange IKE protocol, which has received little attention to date, despite its potential to make the best-known IKE protocol sufficiently lightweight to be also applied in contexts where it is currently prohibitive, due to its large footprint. First, ...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/25 12:0 a.m.5 views

Explainability-Aware Evaluation of Transfer Learning Models for IoT DDoS Detection under Resource Constraints

Distributed denial-of-service DDoS attacks threaten the availability of Internet of Things IoT infrastructures, particularly under resource-constrained deployment conditions. Although transfer learning models have shown promising detection accuracy, their reliability, computational feasibility, a...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/25 12:0 a.m.7 views

ChaCha20‑Poly1305 AEAD Production Decryptor

This C implementation provides a secure ChaCha20‑Poly1305 decryption function fully compliant with RFC 8439...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/25 12:0 a.m.14 views

MulCovFuzz: A Multi-Component Coverage-Guided Greybox Fuzzer for 5G Protocol Testing

As mobile networks transition to 5G infrastructure, ensuring robust security becomes more important due to the complex architecture and expanded attack surface. Traditional security testing approaches for 5G networks rely on black-box fuzzing techniques, which are limited by their inability to...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/25 12:0 a.m.17 views

HDF5 Plugin 2.17.0 Path Audit

This script demonstrates a controlled security audit scenario targeting the HDF5 dynamic plugin loading mechanism. It compiles a shared C library that mimics a legitimate HDF5 filter plugin by implementing the required H5Zclass2t structure and registration functions H5PLgetplugintype,...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/25 12:0 a.m.6 views

Google Chrome 145.0.7632.75 Cross-Platform Version Scanner

This Python script is a defensive security utility designed to detect whether the installed version of Google Chrome is vulnerable to CVE-2026-2441, a high-severity use-after-free flaw affecting versions prior to 145.0.7632.75...

8.8CVSS5.9AI score0.2202EPSS
Exploits12
Packet Storm News
Packet Storm News
added 2026/02/25 12:0 a.m.13 views

The Silent Spill: Measuring Sensitive Data Leaks across Public URL Repositories

A large number of URLs are made public by various platforms for security analysis, archiving, and paste sharing -- such as VirusTotal, URLScan.io, Hybrid Analysis, the Wayback Machine, and RedHunt. These services may unintentionally expose links containing sensitive information, as reported in so...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/24 12:0 a.m.6 views

GNU Privacy Guard 2.5.18

GnuPG the GNU Privacy Guard or GPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As suc...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/24 12:0 a.m.8 views

Analysis of LLMs against Prompt Injection and Jailbreak Attacks

Large Language Models LLMs are widely deployed in real-world systems. Given their broader applicability, prompt engineering has become an efficient tool for resource-scarce organizations to adopt LLMs for their own purposes. At the same time, LLMs are vulnerable to prompt-based attacks. Thus,...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/24 12:0 a.m.15 views

ICSSPulse: A Modular LLM-Assisted Platform for Industrial Control System Penetration Testing

It is well established that industrial control systems comprise the operational backbone of modern critical infrastructures, yet their increasing connectivity exposes them to cyber threats that are difficult to study and remedy safely under real-time operational conditions. In this paper, we...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/24 12:0 a.m.5 views

Self-Purification Mitigates Backdoors in Multimodal Diffusion Language Models

Multimodal Diffusion Language Models MDLMs have recently emerged as a competitive alternative to their autoregressive counterparts. Yet their vulnerability to backdoor attacks remains largely unexplored. In this work, we show that well-established data-poisoning pipelines can successfully implant...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/24 12:0 a.m.7 views

A Systematic Review of Algorithmic Red Teaming Methodologies for Assurance and Security of AI Applications

Cybersecurity threats are becoming increasingly sophisticated, making traditional defense mechanisms and manual red teaming approaches insufficient for modern organizations. While red teaming has long been recognized as an effective method to identify vulnerabilities by simulating real-world...

6.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/24 12:0 a.m.5 views

Linux Kernel 7.x Safe Verification of XFS Scrub ioctl Support

This tool provides a safe and non-exploitative way to verify whether a mount point uses the XFS file system and whether the system kernel supports the ioctl interface for XFS metadata cleanup XFSIOCSCRUBMETADATA. The tool performs verification of the file system type to confirm it is XFS, safely...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/24 12:0 a.m.6 views

A Lightweight Defense Mechanism against Next Generation of Phishing Emails Using Distilled Attention-Augmented BiLSTM

The current generation of large language models produces sophisticated social-engineering content that bypasses standard text screening systems in business communication platforms. Our proposed solution for mail gateway and endpoint deception detection operates in a privacy-protective manner whil...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/24 12:0 a.m.13 views

AdapTools: Adaptive Tool-Based Indirect Prompt Injection Attacks on Agentic LLMs

The integration of external data services e.g., Model Context Protocol, MCP has made large language model-based agents increasingly powerful for complex task execution. However, this advancement introduces critical security vulnerabilities, particularly indirect prompt injection IPI attacks...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/24 12:0 a.m.7 views

SPIP Ultimate Auditor – Comprehensive Security Assessment Script

SPIP Ultimate Auditor is a Python-based security assessment script designed to perform a multi-phase audit against a SPIP CMS installation. The tool automates reconnaissance and misconfiguration detection tasks to identify potential security weaknesses in a target deployment...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/24 12:0 a.m.4 views

MemoPhishAgent: Memory-Augmented Multi-Modal LLM Agent for Phishing URL Detection

Traditional phishing website detection relies on static heuristics or reference lists, which lag behind rapidly evolving attacks. While recent systems incorporate large language models LLMs, they are still prompt-based, deterministic pipelines that underutilize reasoning capability. We present...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/24 12:0 a.m.7 views

FreeBSD Security Advisory - FreeBSD-SA-26:05.route

FreeBSD Security Advisory - The rtsockmsgbuffer function serializes routing information into a buffer. As a part of this, it copies sockaddr structures into a sockaddrstorage structure on the stack. It assumes that the source sockaddr length field had already been validated, but this is not...

6AI score0.00468EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2026/02/24 12:0 a.m.6 views

FreeBSD Security Advisory - FreeBSD-SA-26:04.jail

FreeBSD Security Advisory - If two sibling jails are restricted to separate filesystem trees, which is to say that neither of the two jail root directories is an ancestor of the other, jailed processes may nonetheless be able to access a shared directory via a nullfs mount, if the administrator h...

5.9AI score0.00111EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/24 12:0 a.m.3 views

Regular Expression Denial of Service Induced by Backreferences

This paper presents the first systematic study of denial-of-service vulnerabilities in Regular Expressions with Backreferences REwB. We introduce the Two-Phase Memory Automaton 2PMFA, an automaton model that precisely captures REwB semantics. Using this model, we derive necessary conditions under...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/23 12:0 a.m.5 views

Mass FortiGate Symlink Bypass Scanner

FortiGate mass symlink bypass scanner that adds structured validation, impact assessment, and reporting logic. It first verifies whether the target actually appears to be a FortiGate device from Fortinet using fingerprinting heuristics, which reduces false positives. Instead of testing a single...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/23 12:0 a.m.22 views

Agents of Chaos

We report an exploratory red-teaming study of autonomous language-model-powered agents deployed in a live laboratory environment with persistent memory, email accounts, Discord access, file systems, and shell execution. Over a two-week period, twenty AI researchers interacted with the agents unde...

6.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/23 12:0 a.m.5 views

An Explainable Memory Forensics Approach for Malware Analysis

Memory forensics is an effective methodology for analyzing living-off-the-land malware, including threats that employ evasion, obfuscation, anti-analysis, and steganographic techniques. By capturing volatile system state, memory analysis enables the recovery of transient artifacts such as decrypt...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/23 12:0 a.m.5 views

Agentic AI As a Cybersecurity Attack Surface: Threats, Exploits, and Defenses in Runtime Supply Chains

Agentic systems built on large language models LLMs extend beyond text generation to autonomously retrieve information and invoke tools. This runtime execution model shifts the attack surface from build-time artifacts to inference-time dependencies, exposing agents to manipulation through untrust...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/23 12:0 a.m.5 views

Understanding Human-AI Collaboration in Cybersecurity Competitions

Capture-the-Flag CTF competitions are increasingly becoming a testbed for evaluating AI capabilities at solving security tasks, due to the controlled environments and objective success criteria. Existing evaluations have focused on how successful AI is at solving CTF challenges in isolation from...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/23 12:0 a.m.8 views

CodeHacker: Automated Test Case Generation for Detecting Vulnerabilities in Competitive Programming Solutions

The evaluation of Large Language Models LLMs for code generation relies heavily on the quality and robustness of test cases. However, existing benchmarks often lack coverage for subtle corner cases, allowing incorrect solutions to pass. To bridge this gap, we propose CodeHacker, an automated agen...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/23 12:0 a.m.7 views

Predicting Known Vulnerabilities from Attack News: A Transformer-Based Approach

Identifying the vulnerabilities exploited during cyberattacks is essential for enabling timely responses and effective mitigation in software security. This paper directly examines the process of predicting software vulnerabilities, specifically Common Vulnerabilities and Exposures CVEs, from...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/23 12:0 a.m.5 views

OWASP Smart Contract Top 10

The OWASP Smart Contract Top 10: 2026 is a standard awareness document that aims to provide Web3 developers and security teams with insights into the top 10 vulnerabilities found in smart contracts. It is a sub‑project of the broader OWASP Smart Contract Security OWASP SCS initiative. It serves a...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/23 12:0 a.m.13 views

SmarterMail 100.0.9413 Vulnerability Scanner

This PHP class implements a non-intrusive vulnerability scanner designed to assess the exposure of a SmarterMail instance to a file upload–related security flaw without executing any commands or payloads. The scanner follows a safe, read-only validation approach that focuses on detecting improper...

10CVSS7.3AI score0.85457EPSS
Exploits15
Packet Storm News
Packet Storm News
added 2026/02/23 12:0 a.m.4 views

SafePickle: Robust and Generic ML Detection of Malicious Pickle-Based ML Models

Model repositories such as Hugging Face increasingly distribute machine learning artifacts serialized with Python's pickle format, exposing users to remote code execution RCE risks during model loading. Recent defenses, such as PickleBall, rely on per-library policy synthesis that requires comple...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/23 12:0 a.m.6 views

Can You Tell It'S AI? Human Perception of Synthetic Voices in Vishing Scenarios

Large Language Models and commercial speech synthesis systems now enable highly realistic AI-generated voice scams vishing, raising urgent concerns about deception at scale. Yet it remains unclear whether individuals can reliably distinguish AI-generated speech from human-recorded voices in...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/23 12:0 a.m.5 views

OpenClaw, Moltbook, and ClawdLab: From Agent-Only Social Networks to Autonomous Scientific Research

In January 2026, the open-source agent framework OpenClaw and the agent-only social network Moltbook produced a large-scale dataset of autonomous AI-to-AI interaction, attracting six academic publications within fourteen days. This study conducts a multivocal literature review of that ecosystem a...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/23 12:0 a.m.8 views

FortiGate Exposure Audit Tool / Double Slash Path Validation Scanner

The FortiGate Exposure Audit Tool is a defensive security auditing script designed to identify potential path validation inconsistencies in devices that appear to be running FortiGate by Fortinet. This tool does not attempt exploitation, file extraction, or configuration access...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/23 12:0 a.m.5 views

Evolution Cyber Intelligence

This is a book written by indoushka that covers the evolution of cyber intelligence from historical methodologies to modern day attacks. Written in Arabic...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/23 12:0 a.m.10 views

RobPI: Robust Private Inference against Malicious Client

The increased deployment of machine learning inference in various applications has sparked privacy concerns. In response, private inference PI protocols have been created to allow parties to perform inference without revealing their sensitive data. Despite recent advances in the efficiency of PI,...

5.9AI score
Exploits0
Total number of security vulnerabilities6803