Lucene search
K
PacketstormnewsRecent

6819 matches found

Packet Storm News
Packet Storm News
•added 2026/01/14 12:0 a.m.•20 views

WMI Event Subscription Process Persistence

This Metasploit module will create a permanent WMI event subscription to achieve file-less persistence using an event filter that triggers the payload when the specified process is started. Additionally a custom command can be specified to run once the trigger is activated using the advanced opti...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/14 12:0 a.m.•11 views

Blue Teaming Function-Calling Agents

We present an experimental evaluation that assesses the robustness of four open source LLMs claiming function-calling capabilities against three different attacks, and we measure the effectiveness of eight different defences. Our results show how these models are not safe by default, and how the...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/13 12:0 a.m.•11 views

A Survey of Security Challenges and Solutions for UAS Traffic Management (UTM) and Small Unmanned Aerial Systems (SUAS)

The rapid growth of small Unmanned Aerial Systems sUAS for civil and commercial missions has intensified concerns about their resilience to cyber-security threats. Operating within the emerging UAS Traffic Management UTM framework, these lightweight and highly networked platforms depend on secure...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/13 12:0 a.m.•5 views

A Decompilation-Driven Framework for Malware Detection with Large Language Models

The parallel evolution of Large Language Models LLMs with advanced code-understanding capabilities and the increasing sophistication of malware presents a new frontier for cybersecurity research. This paper evaluates the efficacy of state-of-the-art LLMs in classifying executable code as either...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/13 12:0 a.m.•7 views

Proactively Detecting Threats: A Novel Approach Using LLMs

Enterprise security faces escalating threats from sophisticated malware, compounded by expanding digital operations. This paper presents the first systematic evaluation of large language models LLMs to proactively identify indicators of compromise IOCs from unstructured web-based threat...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/13 12:0 a.m.•3 views

Aura Inspector

aura-inspector is a Swiss Army knife of Salesforce Experience Cloud testing. It facilitates in discovering misconfigured Salesforce Experience Cloud applications as well as automates much of the testing process...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/13 12:0 a.m.•5 views

On-Chip Semi-Device-Independent Quantum Random Number Generator Exploiting Contextuality

We present a semi-device-independent quantum random number generator QRNG based on the violation of a contextuality inequality, implemented by the integration of two silicon photonic chips. Our system combines a heralded single-photon source with a reconfigurable interferometric mesh to implement...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/13 12:0 a.m.•6 views

KryptoPilot: An Open-World Knowledge-Augmented LLM Agent for Automated Cryptographic Exploitation

Capture-the-Flag CTF competitions play a central role in modern cybersecurity as a platform for training practitioners and evaluating offensive and defensive techniques derived from real-world vulnerabilities. Despite recent advances in large language models LLMs, existing LLM-based agents remain...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/13 12:0 a.m.•9 views

LLMs in Code Vulnerability Analysis: A Proof of Concept

Context: Traditional software security analysis methods struggle to keep pace with the scale and complexity of modern codebases, requiring intelligent automation to detect, assess, and remediate vulnerabilities more efficiently and accurately. Objective: This paper explores the incorporation of...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/13 12:0 a.m.•8 views

Malware Detection Based on API Calls: A Reproducibility Study

This study independently reproduces the malware detection methodology presented by Felli cious et al. 7, which employs order-invariant API call frequency analysis using Random Forest classification. We utilized the original public dataset 250,533 training samples, 83,511 test samples and replicat...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/13 12:0 a.m.•8 views

Zeek 8.0.5

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek ha...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/13 12:0 a.m.•63 views

Deep Learning-Based Binary Analysis for Vulnerability Detection in X86-64 Machine Code

While much of the current research in deep learning-based vulnerability detection relies on disassembled binaries, this paper explores the feasibility of extracting features directly from raw x86-64 machine code. Although assembly language is more interpretable for humans, it requires more comple...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/13 12:0 a.m.•22 views

Suricata IDPE 8.0.3

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and...

6.8AI score0.00508EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/13 12:0 a.m.•6 views

Baiting AI: Deceptive Adversary against AI-Protected Industrial Infrastructures

This paper explores a new cyber-attack vector targeting Industrial Control Systems ICS, particularly focusing on water treatment facilities. Developing a new multi-agent Deep Reinforcement Learning DRL approach, adversaries craft stealthy, strategically timed, wear-out attacks designed to subtly...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/13 12:0 a.m.•6 views

Integrating APK Image and Text Data for Enhanced Threat Detection: A Multimodal Deep Learning Approach to Android Malware

As zero-day Android malware attacks grow more sophisticated, recent research highlights the effectiveness of using image-based representations of malware bytecode to detect previously unseen threats. However, existing studies often overlook how image type and resolution affect detection and ignor...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/13 12:0 a.m.•8 views

Memory DisOrder: Memory Re-Orderings As a Timerless Side-Channel

To improve efficiency, nearly all parallel processing units CPUs and GPUs implement relaxed memory models in which memory operations may be re-ordered, i.e., executed out-of-order. Prior testing work in this area found that memory re-orderings are observed more frequently when other cores are...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/12 12:0 a.m.•5 views

Memory-Based Malware Detection under Limited Data Conditions: A Comparative Evaluation of TabPFN and Ensemble Models

Artificial intelligence and machine learning have significantly advanced malware research by enabling automated threat detection and behavior analysis. However, the availability of exploitable data is limited, due to the absence of large datasets with real-world data. Despite the progress of AI i...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/12 12:0 a.m.•10 views

InvisibleJS JavaScript Hiding Tool

Welcome to InvisibleJS, an experimental tool for hiding your JavaScript source code in plain sight using zero-width characters. This repository features two distinct versions of the obfuscator, tailored for different execution environments...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/12 12:0 a.m.•1 views

CarRentalMS 2.0 Cross Site Request Forgery

CarRentalMS version 2.0 suffers from a cross site request forgery vulnerability...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/12 12:0 a.m.•11 views

When Bots Take the Bait: Exposing and Mitigating the Emerging Social Engineering Attack in Web Automation Agent

Web agents, powered by large language models LLMs, are increasingly deployed to automate complex web interactions. The rise of open-source frameworks e.g., Browser Use, Skyvern-AI has accelerated adoption, but also broadened the attack surface. While prior research has focused on model threats su...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/12 12:0 a.m.•4 views

SecureCAI: Injection-Resilient LLM Assistants for Cybersecurity Operations

Large Language Models have emerged as transformative tools for Security Operations Centers, enabling automated log analysis, phishing triage, and malware explanation; however, deployment in adversarial cybersecurity environments exposes critical vulnerabilities to prompt injection attacks where...

7.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/12 12:0 a.m.•3 views

YARA-X 1.11.0

YARA-X is a re-incarnation of YARA, a pattern matching tool designed with malware researchers in mind. This new incarnation intends to be faster, safer and more user-friendly than its predecessor. The ultimate goal of YARA-X is replacing YARA as the default pattern matching tool for malware...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/12 12:0 a.m.•6 views

A High-Recall Cost-Sensitive Machine Learning Framework for Real-Time Online Banking Transaction Fraud Detection

Fraudulent activities on digital banking services are becoming more intricate by the day, challenging existing defenses. While older rule driven methods struggle to keep pace, even precision focused algorithms fall short when new scams are introduced. These tools typically overlook subtle shifts ...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/11 12:0 a.m.•5 views

Belief in False Information: A Human-Centered Security Risk in Sociotechnical Systems

This paper provides a comprehensive literature review on the belief in false information, including misinformation, disinformation, and fake information. It addresses the increasing societal concern regarding false information, which is fueled by technological progress, especially advancements in...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/11 12:0 a.m.•48 views

CHASE: LLM Agents for Dissecting Malicious PyPI Packages

Modern software package registries like PyPI have become critical infrastructure for software development, but are increasingly exploited by threat actors distributing malicious packages with sophisticated multi-stage attack chains. While Large Language Models LLMs offer promising capabilities fo...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/11 12:0 a.m.•5 views

Operational Runtime Behavior Mining for Open-Source Supply Chain Security

Open-source software OSS is a critical component of modern software systems, yet supply chain security remains challenging in practice due to unavailable or obfuscated source code. Consequently, security teams often rely on runtime observations collected from sandboxed executions to investigate...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/11 12:0 a.m.•5 views

LINEture: Novel Signature Cryptosystem

We propose a novel digital signature cryptosystem that exploits the concept of the brute-force problem. To ensure the security of the cryptosystem, we employed several mechanisms: sharing a common secret for factorable permutations, associating permutations with the message being signed, and...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/11 12:0 a.m.•10 views

Zer0n: An AI-Assisted Vulnerability Discovery and Blockchain-Backed Integrity Framework

As vulnerability research increasingly adopts generative AI, a critical reliance on opaque model outputs has emerged, creating a "trust gap" in security automation. We address this by introducing Zer0n, a framework that anchors the reasoning capabilities of Large Language Models LLMs to the...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/10 12:0 a.m.•10 views

SecureDyn-FL: A Robust Privacy-Preserving Federated Learning Framework for Intrusion Detection in IoT Networks

The rapid proliferation of Internet of Things IoT devices across domains such as smart homes, industrial control systems, and healthcare networks has significantly expanded the attack surface for cyber threats, including botnet-driven distributed denial-of-service DDoS, malware injection, and dat...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/10 12:0 a.m.•13 views

ALFA: A Safe-By-Design Approach to Mitigate Quishing Attacks Launched Via Fancy QR Codes

Phishing with Quick Response QR codes is termed as Quishing. The attackers exploit this method to manipulate individuals into revealing their confidential data. Recently, we see the colorful and fancy representations of QR codes, the 2D matrix of QR codes which does not reflect a typical mixture ...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/10 12:0 a.m.•6 views

ZkRansomware: Proof-Of-Data Recoverability and Multi-Round Game Theoretic Modeling of Ransomware Decisions

Ransomware is still one of the most serious cybersecurity threats. Victims often pay but fail to regain access to their data, while also facing the danger of losing data privacy. These uncertainties heavily shape the attacker-victim dynamics in decision-making. In this paper, we introduce and...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/10 12:0 a.m.•18 views

S-DAPT-2026: A Stage-Aware Synthetic Dataset for Advanced Persistent Threat Detection

The detection of advanced persistent threats APTs remains a crucial challenge due to their stealthy, multistage nature and the limited availability of realistic, labeled datasets for systematic evaluation. Synthetic dataset generation has emerged as a practical approach for modeling APT campaigns...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/10 12:0 a.m.•7 views

Behavioral Analytics for Continuous Insider Threat Detection in Zero-Trust Architectures

Insider threats are a particularly tricky cybersecurity issue, especially in zero-trust architectures ZTA where implicit trust is removed. Although the rule of thumb is never trust, always verify, attackers can still use legitimate credentials and impersonate the standard user activity. In...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/10 12:0 a.m.•6 views

QES-Backed Virtual FIDO2 Authenticators: Architectural Options for Secure, Synchronizable WebAuthn Credentials

FIDO2 and the WebAuthn standard offer phishing-resistant, public-key based authentication but traditionally rely on device-bound cryptographic keys that are not naturally portable across user devices. Recent passkey deployments address this limitation by enabling multi-device credentials...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/09 12:0 a.m.•6 views

Accessibility Features Persistence Via Debugger Registry Key

This Metasploit module makes it possible to apply the sticky keys hack to a session with appropriate rights. The hack provides a means to get a SYSTEM shell using UI-level interaction at an RDP login screen or via a UAC confirmation dialog. The module modifies the Debug registry setting for certa...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/09 12:0 a.m.•11 views

The Echo Chamber Multi-Turn LLM Jailbreak

The availability of Large Language Models LLMs has led to a new generation of powerful chatbots that can be developed at relatively low cost. As companies deploy these tools, security challenges need to be addressed to prevent financial loss and reputational damage. A key security challenge is...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/09 12:0 a.m.•18 views

HogVul: Black-Box Adversarial Code Generation Framework against LM-Based Vulnerability Detectors

Recent advances in software vulnerability detection have been driven by Language Model LM-based approaches. However, these models remain vulnerable to adversarial attacks that exploit lexical and syntax perturbations, allowing critical flaws to evade detection. Existing black-box attacks on...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/09 12:0 a.m.•6 views

Udev Persistence Script

This Metasploit module will add a script in /lib/udev/rules.d/ in order to execute a payload written on disk. It will be executed with root privileges every time a network interface other than l0 comes up. Execution is triggered through the at command, so it must be installed on the target...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/09 12:0 a.m.•5 views

Cybersecurity AI: A Game-Theoretic AI for Guiding Attack and Defense

AI-driven penetration testing now executes thousands of actions per hour but still lacks the strategic intuition humans apply in competitive security. To build cybersecurity superintelligence --Cybersecurity AI exceeding best human capability-such strategic intuition must be embedded into agentic...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/09 12:0 a.m.•15 views

Multi-Regional Cloud Honeypot Dataset (MURHCAD)

This data article introduces a comprehensive, high-resolution honeynet dataset designed to support standalone analyses of global cyberattack behaviors. Collected over a continuous 72-hour window June 9 to 11, 2025 on Microsoft Azure, the dataset comprises 132,425 individual attack events captured...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/08 12:0 a.m.•9 views

Knowledge-To-Data: LLM-Driven Synthesis of Structured Network Traffic for Testbed-Free IDS Evaluation

Realistic, large-scale, and well-labeled cybersecurity datasets are essential for training and evaluating Intrusion Detection Systems IDS. However, they remain difficult to obtain due to privacy constraints, data sensitivity, and the cost of building controlled collection environments such as...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/08 12:0 a.m.•14 views

Knowledge-Driven Multi-Turn Jailbreaking on Large Language Models

Large Language Models LLMs face a significant threat from multi-turn jailbreak attacks, where adversaries progressively steer conversations to elicit harmful outputs. However, the practical effectiveness of existing attacks is undermined by several critical limitations: they struggle to maintain ...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/08 12:0 a.m.•6 views

Unified Framework for Qualifying Security Boundary of PUFs against Machine Learning Attacks

Physical Unclonable Functions PUFs serve as lightweight, hardware-intrinsic entropy sources widely deployed in IoT security applications. However, delay-based PUFs are vulnerable to Machine Learning Attacks MLAs, undermining their assumed unclonability. There are no valid metrics for evaluating P...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/08 12:0 a.m.•9 views

Memory Poisoning Attack and Defense on Memory Based LLM-Agents

Large language model agents equipped with persistent memory are vulnerable to memory poisoning attacks, where adversaries inject malicious instructions through query only interactions that corrupt the agents long term memory and influence future responses. Recent work demonstrated that the MINJA...

7.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/08 12:0 a.m.•10 views

CurricuLLM: Designing Personalized and Workforce-Aligned Cybersecurity Curricula Using Fine-Tuned LLMs

The cybersecurity landscape is constantly evolving, driven by increased digitalization and new cybersecurity threats. Cybersecurity programs often fail to equip graduates with skills demanded by the workforce, particularly concerning recent developments in cybersecurity, as curriculum design is...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/08 12:0 a.m.•4 views

Cyber Threat Detection and Vulnerability Assessment System Using Generative AI and Large Language Model

Background: Cyber-attacks have evolved rapidly in recent years, many individuals and business owners have been affected by cyber-attacks in various ways. Cyber-attacks include various threats such as ransomware, malware, phishing, and Denial of Service DoS-related attacks. Challenges: Traditional...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/08 12:0 a.m.•5 views

Quantum Secure Biometric Authentication in Decentralised Systems

Biometric authentication has become integral to digital identity systems, particularly in smart cities where it en-ables secure access to services across governance, trans-portation, and public infrastructure. Centralised archi-tectures, though widely used, pose privacy and scalabil-ity challenge...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/08 12:0 a.m.•5 views

AI-Powered Algorithms for the Prevention and Detection of Computer Malware Infections

The rise in frequency and complexity of malware attacks are viewed as a major threat to modern digital infrastructure, which means that traditional signature-based detection methods are becoming less effective. As cyber threats continue to evolve, there is a growing need for intelligent systems t...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/08 12:0 a.m.•5 views

Multi-Turn Jailbreaking Attack in Multi-Modal Large Language Models

In recent years, the security vulnerabilities of Multi-modal Large Language Models MLLMs have become a serious concern in the Generative Artificial Intelligence GenAI research. These highly intelligent models, capable of performing multi-modal tasks with high accuracy, are also severely susceptib...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/01/08 12:0 a.m.•7 views

Supporting Secured Integration of Microarchitectural Defenses

There has been a plethora of microarchitectural-level attacks leading to many proposed countermeasures. This has created an unexpected and unaddressed security issue where naive integration of those defenses can potentially lead to security vulnerabilities. This occurs when one defense changes an...

6.8AI score
Exploits0
Total number of security vulnerabilities6819