Lucene search
K
PacketstormnewsRecent

6803 matches found

Packet Storm News
Packet Storm News
added 2026/02/17 12:0 a.m.22 views

A Content-Based Framework for Cybersecurity Refusal Decisions in Large Language Models

Large language models and LLM-based agents are increasingly used for cybersecurity tasks that are inherently dual-use. Existing approaches to refusal, spanning academic policy frameworks and commercially deployed systems, often rely on broad topic-based bans or offensive-focused taxonomies. As a...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/17 12:0 a.m.6 views

OMNI-STRIKE Multi‑Protocol Wireless Security Testing Platform

OMNI‑STRIKE is a multi‑protocol wireless security assessment application built for Flipper Zero. It is designed to discover nearby wireless devices and perform controlled, authorized security testing in a structured and logged environment...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/17 12:0 a.m.12 views

A Unified Evaluation of Learning-Based Similarity Techniques for Malware Detection

Cryptographic digests e.g., MD5, SHA-256 are designed to provide exact identity. Any single-bit change in the input produces a completely different hash, which is ideal for integrity verification but limits their usefulness in many real-world tasks like threat hunting, malware analysis and digita...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/17 12:0 a.m.6 views

Python Email Header Injection Mitigation Tester

This tool demonstrates how modern Python's email library EmailMessage with policy.default effectively prevents email header injection attacks. By rejecting newline and carriage return characters in header values, the library enforces RFC 5322 compliance and blocks classic injection attempts such ...

5.7CVSS5.4AI score0.0055EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/17 12:0 a.m.18 views

From Tool Orchestration to Code Execution: A Study of MCP Design Choices

Model Context Protocols MCPs provide a unified platform for agent systems to discover, select, and orchestrate tools across heterogeneous execution environments. As MCP-based systems scale to incorporate larger tool catalogs and multiple concurrently connected MCP servers, traditional tool-by-too...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/17 12:0 a.m.51 views

Zero Knowledge (About) Encryption: A Comparative Security Analysis of Three Cloud-based Password Managers

Zero Knowledge Encryption is a term widely used by vendors of cloud-based password managers. Although it has no strict technical meaning, the term conveys the idea that the server, who stores encrypted password vaults on behalf of users, is unable to learn anything about the contents of those...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/17 12:0 a.m.5 views

TOR Virtual Network Tunneling Tool 0.4.9.5

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/16 12:0 a.m.10 views

Intellicise Wireless Networks Meet Agentic AI: A Security and Privacy Perspective

Intellicise Intelligent and Concise wireless network is the main direction of the evolution of future mobile communication systems, a perspective now widely acknowledged across academia and industry. As a key technology within it, Agentic AI has garnered growing attention due to its advanced...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/16 12:0 a.m.11 views

Secure and Energy-Efficient Wireless Agentic AI Networks

In this paper, we introduce a secure wireless agentic AI network comprising one supervisor AI agent and multiple other AI agents to provision quality of service QoS for users' reasoning tasks while ensuring confidentiality of private knowledge and reasoning outcomes. Specifically, the supervisor ...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/16 12:0 a.m.6 views

A Scan-Based Analysis of Internet-Exposed IoT Devices Using Shodan Data

An open measurement problem in IoT security is whether scan-observable network configurations encode population-level exposure risk beyond individual devices. An analysis of internet-exposed IoT endpoints using a controlled multi-country sample from Shodan Search and Shodan InternetDB, selecting...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/16 12:0 a.m.5 views

State of Passkey Authentication in the Wild: A Census of the Top 100K Sites

Passkeys -- discoverable WebAuthn credentials synchronised across devices are widely promoted as the future of passwordless authentication. Built on the FIDO2 standard, they eliminate shared secrets and resist phishing while offering usability through platform credential managers. Since their...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/16 12:0 a.m.15 views

AI Arms and Influence: Frontier Models Exhibit Sophisticated Reasoning in Simulated Nuclear Crises

Today's leading AI models engage in sophisticated behaviour when placed in strategic competition. They spontaneously attempt deception, signaling intentions they do not intend to follow; they demonstrate rich theory of mind, reasoning about adversary beliefs and anticipating their actions; and th...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/16 12:0 a.m.5 views

nfstream 6.6.0

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/16 12:0 a.m.6 views

Exposing the Systematic Vulnerability of Open-Weight Models to Prefill Attacks

As the capabilities of large language models continue to advance, so does their potential for misuse. While closed-source models typically rely on external defenses, open-weight models must primarily depend on internal safeguards to mitigate harmful behavior. Prior red-teaming research has largel...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/16 12:0 a.m.7 views

OpenSSL 3.x Realistic ASN.1 / PKCS#12 Denial of Service Tool

This proof of concept builds structurally correct ASN.1 DER / PKCS12 files designed to stress-test OpenSSL's parser and memory handling. It focuses on non-exploitative impacts such as denial of service, excessive memory consumption, deep recursion, malformed lengths, and duplicated/overlapping...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/16 12:0 a.m.11 views

Exploiting Layer-Specific Vulnerabilities to Backdoor Attack in Federated Learning

Federated learning FL enables distributed model training across edge devices while preserving data locality. This decentralized approach has emerged as a promising solution for collaborative learning on sensitive user data, effectively addressing the longstanding privacy concerns inherent in...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/16 12:0 a.m.7 views

What Hackers Talk about When They Talk about AI: Early-Stage Diffusion of a Cybercrime Innovation

The rapid expansion of artificial intelligence AI is raising concerns about its potential to transform cybercrime. Beyond empowering novice offenders, AI stands to intensify the scale and sophistication of attacks by seasoned cybercriminals. This paper examines the evolving relationship between...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/16 12:0 a.m.10 views

When Security Meets Usability: An Empirical Investigation of Post-Quantum Cryptography APIs

Advances in quantum computing increasingly threaten the security and privacy of data protected by current cryptosystems, particularly those relying on public-key cryptography. In response, the international cybersecurity community has prioritized the implementation of Post-Quantum Cryptography PQ...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/16 12:0 a.m.5 views

Systematic Review of Lightweight Cryptographic Algorithms

The emergence of small computing devices and the integration of processing units into everyday objects has made lightweight cryptography an essential part of the security landscape. Conventional cryptographic algorithms such as AES, RSA, and DES are unsuitable for resource-constrained devices due...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/16 12:0 a.m.5 views

OpenSSL 3.x QUIC Initial Packet Builder / Sender

This script is a proof of concept QUIC client that constructs fully encrypted initial packets with header protection. It can be used for testing or fuzzing QUIC/TLS 1.3 implementations. The script constructs and sends a cryptographically valid QUIC Initial packet over UDP. It simulates a QUIC...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/16 12:0 a.m.4 views

Stegano 2.2.0

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit LSB technique. It is possible to use a more advanced LSB method based on integers sets. The sets Sieve of...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/15 12:0 a.m.7 views

A Trajectory-Based Safety Audit of Clawdbot (OpenClaw)

Clawdbot is a self-hosted, tool-using personal AI agent with a broad action space spanning local execution and web-mediated workflows, which raises heightened safety and security concerns under ambiguity and adversarial steering. We present a trajectory-centric evaluation of Clawdbot across six...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/15 12:0 a.m.6 views

Toward a Military Smart Cyber Situational Awareness (CSA)

The development of technology across multiple sectors and the growing importance of cyber warfare make the development of Cyber Situational Awareness CSA a fundamental component of any cyber defense strategy. CSA, as a practice, enables understanding of the current landscape within an organizatio...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/15 12:0 a.m.13 views

From SFT to RL: Demystifying the Post-Training Pipeline for LLM-Based Vulnerability Detection

The integration of LLMs into vulnerability detection VD has shifted the field toward interpretable and context-aware analysis. While post-training methods have shown promise in general coding tasks, their systematic application to VD remains underexplored. In this paper, we present the first...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/15 12:0 a.m.12 views

AXE: An Agentic EXploit Engine for Confirming Zero-Day Vulnerability Reports

Vulnerability detection tools are widely adopted in software projects, yet they often overwhelm maintainers with false positives and non-actionable reports. Automated exploitation systems can help validate these reports; however, existing approaches typically operate in isolation from detection...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/15 12:0 a.m.6 views

The Baby Steps of the European Union Vulnerability Database: An Empirical Inquiry

A new European Union Vulnerability Database EUVD was introduced via a legislative act in 2022. The paper examines empirically the meta-data content of the new EUVD. According to the results, actively exploited vulnerabilities archived to the EUVD have been rather severe, having had also high...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/14 12:0 a.m.5 views

Applying Public Health Systematic Approaches to Cybersecurity: The Economics of Collective Defense

The U.S. public health system increased life expectancy by more than 30 years since 1900 through systematic data collection, evidence-based intervention, and coordinated response. This paper examines whether cybersecurity can benefit from similar organizational principles. We find that both domai...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/14 12:0 a.m.6 views

Assessing Cybersecurity Risks and Traffic Impact in Connected Autonomous Vehicles

Given the promising future of autonomous vehicles, it is foreseeable that self-driving cars will soon emerge as the predominant mode of transportation. While autonomous vehicles offer enhanced efficiency, they remain vulnerable to external attacks. In this research, we sought to investigate the...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/14 12:0 a.m.4 views

A Real-Time Approach to Autonomous CAN Bus Reverse Engineering

This paper introduces a real-time method for reverse engineering a vehicle's CAN bus without prior knowledge of the vehicle or its CAN system. By comparing inertial measurement and CAN data during significant vehicle events, the method accurately identified the CAN channels associated with the...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/13 12:0 a.m.5 views

The Rise of AI Agent Communities: Large-Scale Analysis of Discourse and Interaction on Moltbook

Moltbook is a Reddit-like social platform where AI agents create posts and interact with other agents through comments and replies, offering a real-world setting to examine agent-to-agent communication at scale. Using a public API snapshot collected about five days after launch 122,438 posts, we...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/13 12:0 a.m.5 views

Web Application Security Developer Training Guide

This guide gives a thorough overview of 34 web application vulnerabilities with descriptions of the issues, PHP examples of vulnerable code, exploit methodologies, and remediation strategies...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/13 12:0 a.m.13 views

Execution-State-Aware LLM Reasoning for Automated Proof-Of-Vulnerability Generation

Proof-of-Vulnerability PoV generation is a critical task in software security, serving as a cornerstone for vulnerability validation, false positive reduction, and patch verification. While directed fuzzing effectively drives path exploration, satisfying complex semantic constraints remains a...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/13 12:0 a.m.4 views

Cryptographic Choreographies

We present CryptoChoreo, a choreography language for the specification of cryptographic protocols. Choreographies can be regarded as an extension of Alice-and-Bob notation, providing an intuitive high-level view of the protocol as a whole rather than specifying each protocol role in isolation. Th...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/13 12:0 a.m.5 views

Backdoor Attacks on Contrastive Continual Learning for IoT Systems

The Internet of Things IoT systems increasingly depend on continual learning to adapt to non-stationary environments. These environments can include factors such as sensor drift, changing user behavior, device aging, and adversarial dynamics. Contrastive continual learning CCL combines contrastiv...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/13 12:0 a.m.7 views

Assessing Spear-Phishing Website Generation in Large Language Model Coding Agents

Large Language Models are expanding beyond being a tool humans use and into independent agents that can observe an environment, reason about solutions to problems, make changes that impact those environments, and understand how their actions impacted their environment. One of the most common...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/13 12:0 a.m.7 views

pgAdmin 4 Multi‑Target Vulnerability Scanner

This project is a PHP‑based multi‑target vulnerability scanner designed to identify potential exposure to CVE‑2025‑13780 affecting pgAdmin 4 versions 8.14 and below. The tool operates as a heuristic / threat‑intelligence scanner, not an exploit...

9.1CVSS5.5AI score0.00866EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2026/02/13 12:0 a.m.6 views

In-Context Autonomous Network Incident Response: An End-To-End Large Language Model Agent Approach

Rapidly evolving cyberattacks demand incident response systems that can autonomously learn and adapt to changing threats. Prior work has extensively explored the reinforcement learning approach, which involves learning response strategies through extensive simulation of the incident. While this...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.64 views

Sparse Autoencoders Are Capable LLM Jailbreak Mitigators

Jailbreak attacks remain a persistent threat to large language model safety. We propose Context-Conditioned Delta Steering CC-Delta, an SAE-based defense that identifies jailbreak-relevant sparse features by comparing token-level representations of the same harmful request with and without...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.8 views

LoRA-Based Parameter-Efficient LLMs for Continuous Learning in Edge-Based Malware Detection

The proliferation of edge devices has created an urgent need for security solutions capable of detecting malware in real time while operating under strict computational and memory constraints. Recently, Large Language Models LLMs have demonstrated remarkable capabilities in recognizing complex...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.14 views

DRAMatic Speedup: Accelerating HE Operations on a Processing-In-Memory System

Homomorphic encryption HE is a promising technology for confidential cloud computing, as it allows computations on encrypted data. However, HE is computationally expensive and often memory-bound on conventional computer architectures. Processing-in-Memory PIM is an alternative hardware architectu...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.9 views

Favia: Forensic Agent for Vulnerability-Fix Identification and Analysis

Identifying vulnerability-fixing commits corresponding to disclosed CVEs is essential for secure software maintenance but remains challenging at scale, as large repositories contain millions of commits of which only a small fraction address security issues. Existing automated approaches, includin...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.3 views

Unknown Attack Detection in IoT Networks Using Large Language Models: A Robust, Data-Efficient Approach

The rapid evolution of cyberattacks continues to drive the emergence of unknown zero-day threats, posing significant challenges for network intrusion detection systems in Internet of Things IoT networks. Existing machine learning and deep learning approaches typically rely on large labeled...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.5 views

Tracking the Trackers: Commercial Surveillance Occurring on U.S. Army Networks

Despite current security implementations, Internet activity on DoD networks is susceptible to web trackers and commercial data collection, which have the potential to expose information about service members and unit operations. This report documents the outcomes of a study to characterize web...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.13 views

TestSSL 3.2.3

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in pure bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.7 views

Nikto Web Scanner 2.6.0

Nikto is an Open Source GPL web server scanner which performs comprehensive tests against web servers for multiple items, including thousands of potentially dangerous files/programs, checks for outdated versions of over 1500 server components, and version specific problems on hundreds of servers...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.9 views

An Empirical Study of the Imbalance Issue in Software Vulnerability Detection

Vulnerability detection is crucial to protect software security. Nowadays, deep learning DL is the most promising technique to automate this detection task, leveraging its superior ability to extract patterns and representations within extensive code volumes. Despite its promise, DL-based...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.5 views

Verifiable Provenance of Software Artifacts with Zero-Knowledge Compilation

Verifying that a compiled binary originates from its claimed source code is a fundamental security requirement, called source code provenance. Achieving verifiable source code provenance in practice remains challenging. The most popular technique, called reproducible builds, requires difficult...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.3 views

Automatic Simplification of Common Vulnerabilities and Exposures Descriptions

Understanding cyber security is increasingly important for individuals and organizations. However, a lot of information related to cyber security can be difficult to understand to those not familiar with the topic. In this study, we focus on investigating how large language models LLMs could be...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.19 views

Resource-Aware Deployment Optimization for Collaborative Intrusion Detection in Layered Networks

Collaborative Intrusion Detection Systems CIDS are increasingly adopted to counter cyberattacks, as their collaborative nature enables them to adapt to diverse scenarios across heterogeneous environments. As distributed critical infrastructure operates in rapidly evolving environments, such as...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.5 views

Lightweight Cluster-Based Federated Learning for Intrusion Detection in Heterogeneous IoT Networks

The rise of heterogeneous Internet of Things IoT devices has raised security concerns due to their vulnerability to cyberattacks. Intrusion Detection Systems IDS are crucial in addressing these threats. Federated Learning FL offers a privacy-preserving solution, but IoT heterogeneity and limited...

5.5AI score
Exploits0
Total number of security vulnerabilities6803