Lucene search
K
PacketstormnewsRecent

6746 matches found

Packet Storm News
Packet Storm News
•added 2026/06/29 12:0 a.m.•3 views

AI-Generated PowerShell Malware: An Experimental Framework and Dataset

Generative AI has emerged as a significant cybersecurity threat, with several recent attack campaigns leveraging LLMs to generate code for malicious purposes via scripting languages such as PowerShell. Consequently, for cybersecurity analysts, it is imperative to investigate the offensive...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/29 12:0 a.m.•8 views

Multi-Level Distributional Entropy for Explainable Network Intrusion Detection

Machine learning network intrusion detection systems IDS rely on aggregate flow statistics that discard distributional structure, while established entropy measures require raw packet sequences unavailable in pre-aggregated flow datasets. We propose Multi-Level Distributional Entropy MDE, an...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/29 12:0 a.m.•5 views

American Fuzzy Lop plus plus 5.02c

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/28 12:0 a.m.•12 views

Benchmark AUC Is Not Deployable Reliability: A Cross-Dataset Audit of Off-The-Shelf Features for Surveillance Video Anomaly Detection

Automated "suspicious behavior" flagging is a headline promise of AI surveillance, and the field reports high frame-level ROC-AUC on standard video anomaly detection benchmarks. Those numbers are measured by training and testing on the same camera and scene. We audit what happens when that...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/28 12:0 a.m.•13 views

An Empirical Evaluation of Prompt Injection Vulnerabilities in Large Language Models across Multilingual and Obfuscated Attack Scenarios

Large Language Models LLMs have rapidly evolved, transforming industries by automating complex tasks and generating human-like content. However, as their adoption accelerates, prompt injection vulnerabilities have become increasingly apparent. Malicious actors exploit these weaknesses to generate...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/28 12:0 a.m.•10 views

Empirical Evaluation of Multi-Modal Touch Detection in Over-The-Shoulder Video Surveillance

Video Intelligence Surveillance VIDINT on over-the-shoulder footage is a proposed vector for monitoring human-computer interaction patterns without direct screen recording access. In this paper, we evaluate a Behavioral Intelligence BEHINT touch-detection framework designed to reconstruct keystro...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/28 12:0 a.m.•12 views

Toward Comprehensive Risk Assessments and Assurance of AI-Based Systems

Novel safety, socio-economic, and ethical harms arising from the deployment of AI-based systems have led to a breadth of work seeking to map, measure, and mitigate against newly found risks. These works have heavily leveraged techniques and terminology from the fields of System Safety Engineering...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/27 12:0 a.m.•7 views

A Usable and Secure Bengali CAPTCHA

Text-based CAPTCHAs Completely Automated Public Turing test to tell Computers and Humans Apart have traditionally been a simple, affordable, lightweight, yet very effective security mechanism to distinguish human users from automated bots on the web, serving as a preventive measure against many...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/27 12:0 a.m.•16 views

Extending Detection Engineering to Digital Forensics: The Velociraptor Unified Detection-Forensics Methodology

Detection engineering and digital forensics have evolved in parallel rather than in partnership, leaving a gap between real-time alerting and forensic analysis. This paper develops a unified detection-forensics methodology using Velociraptor, where detection logic directly initiates targeted...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/27 12:0 a.m.•12 views

Understanding Binary Code Similarity for Real-World Vulnerability Detection: A Large-Scale Empirical Study

Firmware lies at the heart of IoT devices. Its development depends heavily on third-party libraries TPLs, which greatly accelerate the process but simultaneously introduce associated vulnerabilities. Binary Code Similarity Detection BCSD is an effective technique for identifying vulnerabilities i...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/27 12:0 a.m.•15 views

Cybersecurity Is the True Frontier for Generative AI Success or Failure

Cybersecurity is a real-life test-bed for many machine learning problems at once, especially when considering modern strides in using Large Language Models LLMs to automate processes as "agents.'' Cybersecurity workflows require orchestrating hundreds of standard and bespoke tools through various...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/27 12:0 a.m.•8 views

Towards Improved Anomaly Detection for Cloud Cybersecurity Via Graph Neural Networks

Detecting security threats in an organization's cloud computing environment has become necessary due to the increased reliance on cloud infrastructure. Logging of all cloud computing events enables investigation into any incidents after they are detected. Automated detection of threats using the...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/27 12:0 a.m.•33 views

FlipGuard: Defending Large Language Models against Quantization-Conditioned Backdoor Attacks

Model quantization is essential for the efficient deployment of Large Language Models LLMs, but introduces a critical vulnerability: Quantization-Conditioned Backdoor QCB attacks. In these attacks, malicious behaviors remain dormant in full-precision models and activate only after specific...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/26 12:0 a.m.•6 views

PLAA: Packet-Level Adversarial Attacks in Network Traffic Detection

Deep neural networks DNNs are widely applied in Network-based Intrusion Detection System NIDS due to their high accuracy. However, DNNs are highly susceptible to adversarial attacks, which generate malicious traffic to evade NIDS detection. Existing approaches often adapt adversarial attacks from...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/26 12:0 a.m.•2 views

How Humans, Bots, and Agents Communicate about Vulnerabilities in Pull Requests

Developers may reference vulnerabilities in pull request discussions through both explicit identifiers, such as CVEs or GHSAs, and implicit security-related language e.g., "unauthorized access" or "SQL injection". Prior work has primarily focused on explicit identifiers, potentially overlooking...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/26 12:0 a.m.•2 views

Decoys Cannot Go Everywhere: Mapping the Deception Surface in MITRE ATT&CK

Cyber deception research often assumes that a decoy can be placed wherever there is attacker behavior. This work tests that assumption across MITRE ATT&CK v18.1. We introduce a four-criterion rubric for infrastructure deception and apply it to all 250 ATT&CK techniques. The rubric evaluates wheth...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/26 12:0 a.m.•2 views

GTI-MSEMP Framework : A Proposed Framework to Stimulate Malware Propagation with Inclusion of Attacker-Defender Strategy

The rapid proliferation of automated, multi-vector malware threats poses a significant risk to heterogeneous, resource constrained cyber-physical networks. Conventional epidemiological models often treat security defenses as static parameters, failing to capture the strategic, asymmetric maneuver...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/26 12:0 a.m.•2 views

Ghost without Shell: Measuring Non-Interactive SSH Attacks on Honeypots

Cyber deception research has focused on improving honeypot deception capabilities to increase attacker engagement and extend their interactions to collect more and better intelligence. For SSH honeypots, this relies on the assumption that attackers log in, open a shell, and type. We tested whethe...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/26 12:0 a.m.•9 views

Joern 4.0.566

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/26 12:0 a.m.•8 views

Decomposing Memorization Reduction in Privacy-Preserving Fine-Tuning of SLMs for CSIRTs

CSIRTs increasingly fine tune language models on vulnerability scan records, but these records expose internal network topology and create privacy risks under regulations such as GDPR and LGPD. We present the first empirical study of how DP SGD and HMAC pseudonymization interact when fine tuning...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/26 12:0 a.m.•12 views

Formal Security Analysis of Agent Protocol Composition

AI agent protocols define how agents use tools, delegate work, and coordinate across software systems, but their security requirements remain incomplete and inconsistently enforced across deployments. We present AgentThread, a source-linked framework for security assurance analysis of agent...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/26 12:0 a.m.•9 views

LLM Agents Security Duality: A Comprehensive Survey of Self-Security and Empowered Cybersecurity

Large language model LLM agents are rapidly being integrated into real-world systems. Their autonomy and tool-use capabilities generate substantial value while simultaneously expanding the security attack surface. This survey provides a comprehensive overview of the opportunities and challenges o...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/25 12:0 a.m.•7 views

LoadReload - Windows EDR Evasion Shellcode Loader

LoadReload is a Windows shellcode loader developed for academic malware research. It loads a shellcode payload from disk, applies multiple anti-analysis and endpoint detection evasion techniques—including API hashing, dynamic API resolution, anti-emulation timing checks, module stomping, memory...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/25 12:0 a.m.•10 views

Fortress and Gatekeeper: Theorizing Transitive Trust in Third-Party Cybersecurity Risk Governance

Third-party vendors, such as analytics platforms, cloud services, identity providers, and software suppliers, are increasingly embedded in digital service delivery. While these arrangements enable scale and specialization, they also move customer data and security-relevant practices into...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/25 12:0 a.m.•15 views

MIRROR: Novelty-Constrained Memory-Guided MCTS Red-Teaming for Agentic RAG

Multimodal agentic retrieval-augmented generation RAG systems expand the attack surface beyond prompt injection to include text poisoning, image injection, direct-query attacks, and orchestrator-level tool manipulation. Existing red-teaming approaches are typically surface-specific and often...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/25 12:0 a.m.•13 views

Inherited Circuits, Learned Semantics: How Fine-Tuning Creates Evasion Vulnerabilities Invisible to Standard Evaluation

LLMs fine-tuned for security classification are usually evaluated on held-out examples from the same distribution as their training data. We show that this can miss vulnerabilities introduced by fine-tuning itself: models can learn token-level indicator semantics that preserve canonical accuracy...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/25 12:0 a.m.•9 views

DroidBreaker: Practical and Functional Problem-Space Attacks on Machine-Learning Android Malware Detectors

Adversarial APKs are Android applications modified in the problem space to evade machine-learning malware detectors. In this work, we first show that, despite claims, existing problem-space attacks remain largely impractical. Most techniques leverage software transplantation to inject entire beni...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/25 12:0 a.m.•8 views

TOR Virtual Network Tunneling Tool 0.4.9.10

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/25 12:0 a.m.•11 views

Lynis Auditing Tool 3.1.7

Lynis is an auditing tool for Unix specialists. It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/25 12:0 a.m.•9 views

Application of LLMs to Threat Assessment of Foreign Peacekeeping Missions

We present a novel approach for applying Large Language Models LLMs to threat assessment in the context of foreign peacekeeping missions. Building on the PINPOINT project and its use case, the EU Monitoring Mission in Georgia, we combine an interdisciplinary risk-model with OSINT-based media...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/25 12:0 a.m.•2 views

IoT Product Cybersecurity Guidelines for the Federal Government Initial Public Draft

The National Institute of Standards and Technology NIST has announced it's request for public feedback on the initial draft of NIST SP 800-213r1 ipd / IoT Product Cybersecurity Guidelines for the Federal Government...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/25 12:0 a.m.•7 views

Tool Use Enables Undetectable Steganography in Multi-Agent LLM Systems

Increasingly autonomous agentic AI systems pose novel multi-agent risks, such as secret collusion via covert communication channels. The natural defence to these collusion attempts is to monitor plain-text communication, but the efficacy of monitors has been called into doubt by increasingly...

6.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/25 12:0 a.m.•19 views

Protocol Prying: Systematic Vulnerability Research in the Apple AirDrop and Android Quick Share Proximity Transfer Protocols

Apple AirDrop and Google/Samsung Quick Share are proximity file-transfer protocols used by over five billion devices, yet their application-layer security properties remain largely unstudied because both stacks are proprietary and undocumented. Both protocols are reachable from wireless proximity...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/24 12:0 a.m.•2 views

angr 9.2.222

angr is an open-source binary analysis platform for Python. It combines both static and dynamic symbolic "concolic" analysis, providing tools to solve a variety of tasks...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/24 12:0 a.m.•22 views

Beyond Takedown: Measuring Malicious Go Module Persistence in the Wild

We measure an automation-based supply chain campaign in the Go ecosystem. The attackers repackage legitimate Go modules under attacker-controlled owners, and embed them with obfuscated code for an import-triggered downloader. Our results come from two complementary analyses: a a manual search on...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/24 12:0 a.m.•2 views

CISA: Using SASE in a Modern TIC 3.0 Solution

CISA's guidance, The Journey to Zero Trust - Using Secure Access Service Edge in a Modern TIC 3.0 Solution, details how the Trusted Internet Connections TIC 3.0 initiative is helping agencies modernize the way their users connect to applications, data and services. While federal agencies are the...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/24 12:0 a.m.•2 views

Joern 4.0.564

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/24 12:0 a.m.•2 views

WPProbe Plugin Enumeration Tool 0.12.3

A fast WordPress plugin and theme scanner that detects installed plugins via REST API enumeration and themes from HTML discovery, then maps them to known vulnerabilities. Over 5,000 plugins detectable without brute-force, thousands more with it...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/24 12:0 a.m.•2 views

NTForge Vulnerability Research / Exploit Reproduction Template

NTForge is a Windows 10/11 C++17 vulnerability-research and exploit-reproduction template intended for authorized testing and coordinated reporting to the Microsoft Security Response Center MSRC. It provides a documented native API resolver, internal structure references, safe memory primitives,...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/24 12:0 a.m.•2 views

Malware Distribution Via Browser-in-the-Browser Kit

Unit42 From Palo Alto Networks has discovered a Browser-in-the-Browser BitB campaign specifically tailored for malware delivery...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/24 12:0 a.m.•2 views

Dismantling FortiBleed: Inside a Russian Fortinet Compromise Operation

SOCRadar Threat Research Unit STRU has reported FortiBleed, a large-scale credential-harvesting operation targeting more than 430,000 FortiGate firewalls globally. The investigation also confirmed the breach of a NATO-aligned defense contractor. Based on the observed activity, the threat actor is...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/24 12:0 a.m.•2 views

YARA-X 1.19.0

YARA-X is a re-incarnation of YARA, a pattern matching tool designed with malware researchers in mind. This new incarnation intends to be faster, safer and more user-friendly than its predecessor. The ultimate goal of YARA-X is replacing YARA as the default pattern matching tool for malware...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/24 12:0 a.m.•2 views

Do (Not) Tell Me about My Insecurities: Assessing the Status Quo of Coordinated Vulnerability Disclosure in Germany Amid New EU Cybersecurity Regulations

In our increasingly interconnected world, good IT security practices are necessary to prevent vulnerabilities and data breaches. Providing security contacts, e.g., via Coordinated Vulnerability Disclosure CVD programs or security.txt files, is an important practice for businesses to facilitate...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/24 12:0 a.m.•2 views

CrypFormBench: Benchmarking Formal Analysis Capability of Large Language Models for Cryptographic Schemes

Manual formal analysis of cryptographic schemes is labor-intensive and requires substantial expertise. While model-checking tools e.g., Scyther and Tamarin and computational-security tools e.g., CryptoVerif and EasyCrypt improve the automation of security proofs, they still rely on experts to...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/24 12:0 a.m.•2 views

Flounder 0.1.0

Flounder turns modern coding agents into an end-to-end security audit system. Give it an authorized target boundary - a repository, source tree, package, deployed clue, or prior run - and the agent can prepare the workspace, read the code and supporting material, map the attack surface, dig into...

6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/24 12:0 a.m.•2 views

Helpful or Harmful? Evaluating LLM-Assisted Vulnerability Patching Via a Human Study

Software vulnerability remediation is a cognitively demanding task that requires specialized security expertise often lacking in general developers. In the meantime, Large Language Models LLMs assisted tools show potential in vulnerability detection, location, and repair tasks. Hypothesis: While...

6.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/24 12:0 a.m.•2 views

Space-Based Missile Defense

This paper reviews the technical issues underlying space-based boost-phase missile defense and examines the current technology available for space-based interceptors and the characteristics of the missiles such a system would face. It then analyzes a particular space-based missile defense system...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/24 12:0 a.m.•2 views

Information Flow Security on Persistent Memory

Persistent memory is a recently proposed memory paradigm that delivers many system-wide benefits, including improved runtime efficiency and the ability of programs to recover from power outages and system crashes. While recent research has investigated techniques for proving functional correctnes...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/24 12:0 a.m.•33 views

CyberChainBench: Can AI Agents Secure Smart Contracts against Real-World On-Chain Vulnerabilities?

We present CyberChainBench, a benchmark for evaluating LLM-based agents on smart contract security across three complementary tasks: vulnerability detection, exploit generation, and patch synthesis. Built from 541 real-world exploit incidents from DeFiHackLabs spanning 9 EVM chains, the benchmark...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/24 12:0 a.m.•13 views

Reinforcement Learning for Software Vulnerability Analysis: A Systematic Review with Emphasis on C/C++ Source Code and Static Analysis

Vulnerability detection in C/C++ software remains a major security challenge due to code complexity, manual memory management, and the limitations of traditional static analysis. Reinforcement Learning RL has emerged as a promising approach, particularly for fuzzing, test generation, program...

5.9AI score
Exploits0
Total number of security vulnerabilities6746