Lucene search
K
PacketstormnewsRecent

6825 matches found

Packet Storm News
Packet Storm News
added 2026/01/02 12:0 a.m.5 views

TP-Link TL-WR820N 2.80 Weak Cryptography

TP-Link TL-WR820N version 2.80 uses weak cryptographic algorithms for SSH...

6CVSS6.8AI score0.00307EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2026/01/02 12:0 a.m.8 views

tcpdump 4.99.6

tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/02 12:0 a.m.12 views

SQLMAP - Automatic SQL Injection Tool 1.10

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive...

8.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/02 12:0 a.m.8 views

Improving Router Security Using BERT

Previous work on home router security has shown that using system calls to train a transformer-based language model built on a BERT-style encoder using contrastive learning is effective in detecting several types of malware, but the performance remains limited at low false positive rates. In this...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/02 12:0 a.m.5 views

GNU Privacy Guard 2.4.9

GnuPG the GNU Privacy Guard or GPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As suc...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/01 12:0 a.m.9 views

Exploring the Integration of Differential Privacy in Cybersecurity Analytics: Balancing Data Utility and Privacy in Threat Intelligence

To resolve the acute problem of privacy protection and guarantee that data can be used in the context of threat intelligence, this paper considers the implementation of Differential Privacy DP in cybersecurity analytics. DP, which is a sound mathematical framework, ensures privacy by adding a...

6.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/01 12:0 a.m.9 views

An Empirical Evaluation of LLM-Based Approaches for Code Vulnerability Detection: RAG, SFT, and Dual-Agent Systems

The rapid advancement of Large Language Models LLMs presents new opportunities for automated software vulnerability detection, a crucial task in securing modern codebases. This paper presents a comparative study on the effectiveness of LLM-based techniques for detecting software vulnerabilities...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/01 12:0 a.m.9 views

Cracking IoT Security: Can LLMs Outsmart Static Analysis Tools?

Smart home IoT platforms such as openHAB rely on Trigger Action Condition TAC rules to automate device behavior, but the interplay among these rules can give rise to interaction threats, unintended or unsafe behaviors emerging from implicit dependencies, conflicting triggers, or overlapping...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/01 12:0 a.m.6 views

Cyberscurity Threats and Defense Mechanisms in IoT Network

The rapid proliferation of Internet of Things IoT technologies, projected to exceed 30 billion interconnected devices by 2030, has significantly escalated the complexity of cybersecurity challenges. This survey aims to provide a comprehensive analysis of vulnerabilities, threats, and defense...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/01 12:0 a.m.21 views

Engineering Attack Vectors and Detecting Anomalies in Additive Manufacturing

Additive manufacturing AM is rapidly integrating into critical sectors such as aerospace, automotive, and healthcare. However, this cyber-physical convergence introduces new attack surfaces, especially at the interface between computer-aided design CAD and machine execution layers. In this work, ...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/01 12:0 a.m.5 views

From Consensus to Chaos: A Vulnerability Assessment of the RAFT Algorithm

In recent decades, the RAFT distributed consensus algorithm has become a main pillar of the distributed systems ecosystem, ensuring data consistency and fault tolerance across multiple nodes. Although the fact that RAFT is well known for its simplicity, reliability, and efficiency, its security...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/01 12:0 a.m.7 views

Advanced Vulnerability Scanning for Open Source Software: Detection and Mitigation of Log4j Vulnerabilities

Automated detection of software vulnerabilities remains a critical challenge in software security. Log4j is an industrial-grade Java logging framework listed as one of the top 100 critical open source projects. On Dec. 10, 2021 a severe vulnerability Log4Shell was disclosed before being fully...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/01 12:0 a.m.6 views

Post-Quantum Cryptography Key Expansion Method and Anonymous Certificate Scheme Based on NTRU

NTRU is one of the important lattice-based post-quantum cryptography methods, offering resistance against quantum computing attacks. However, a drawback of NTRU lies in its relatively low efficiency in generating key pairs. Therefore, this study proposes an NTRU-based key expansion method that...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/01 12:0 a.m.31 views

Low Rank Comes with Low Security: Gradient Assembly Poisoning Attacks against Distributed LoRA-Based LLM Systems

Low-Rank Adaptation LoRA has become a popular solution for fine-tuning large language models LLMs in federated settings, dramatically reducing update costs by introducing trainable low-rank matrices. However, when integrated with frameworks like FedIT, LoRA introduces a critical vulnerability:...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/01 12:0 a.m.4 views

Rectifying Adversarial Examples Using Their Vulnerabilities

Deep neural network-based classifiers are prone to errors when processing adversarial examples AEs. AEs are minimally perturbed input data undetectable to humans posing significant risks to security-dependent applications. Hence, extensive research has been undertaken to develop defense mechanism...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/31 12:0 a.m.6 views

Towards Eco Friendly Cybersecurity: Machine Learning Based Anomaly Detection with Carbon and Energy Metrics

The rising energy footprint of artificial intelligence has become a measurable component of US data center emissions, yet cybersecurity research seldom considers its environmental cost. This study introduces an eco aware anomaly detection framework that unifies machine learning based network...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/31 12:0 a.m.4 views

Understanding Security Risks of AI Agents' Dependency Updates

Package dependencies are a critical control point in modern software supply chains. Dependency changes can substantially alter a project's security posture. As AI coding agents increasingly modify software via pull requests, it is unclear whether their dependency decisions introduce distinct...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/31 12:0 a.m.10 views

Scalable Ultrafast Random Bit Generation Using Wideband Chaos-Based Entropy Sources

The exponential growth of data transmission and processing speeds in modern digital infrastructure requires entropy sources capable of producing large volumes of true randomness for information security. Chaotic emissions from semiconductor lasers are attractive in this context because of their...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/31 12:0 a.m.11 views

CellSecInspector: Safeguarding Cellular Networks Via Automated Security Analysis on Specifications

The complexity, interdependence, and rapid evolution of 3GPP specifications present fundamental challenges for ensuring the security of modern cellular networks. Manual reviews and existing automated approaches, which often depend on rule-based parsing or small sets of manually crafted security...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/30 12:0 a.m.11 views

FedLiTeCAN : A Federated Lightweight Transformer for Fast and Robust CAN Bus Intrusion Detection

This work implements a lightweight Transformer model for IDS in the domain of Connected and Autonomous Vehicles...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/30 12:0 a.m.19 views

SynRAG: A Large Language Model Framework for Executable Query Generation in Heterogeneous SIEM System

Security Information and Event Management SIEM systems are essential for large enterprises to monitor their IT infrastructure by ingesting and analyzing millions of logs and events daily. Security Operations Center SOC analysts are tasked with monitoring and analyzing this vast data to identify...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/30 12:0 a.m.5 views

The Quantum State Continuity Problem and Temporal Enforcement against Fork Attacks

We introduce the Quantum State Continuity Problem QSCP, a security objective orthogonal to identity authentication that captures whether a systems current execution is a legitimate continuation of a unique past execution. We show that classical and stateless quantum authentication mechanisms fail...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/30 12:0 a.m.6 views

Quantum Machine Learning Approaches for Coordinated Stealth Attack Detection in Distributed Generation Systems

Coordinated stealth attacks are a serious cybersecurity threat to distributed generation systems because they modify control and measurement signals while remaining close to normal behavior, making them difficult to detect using standard intrusion detection methods. This study investigates quantu...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/30 12:0 a.m.5 views

Jailbreaking Attacks Vs. Content Safety Filters: How Far Are We in the LLM Safety Arms Race?

As large language models LLMs are increasingly deployed, ensuring their safe use is paramount. Jailbreaking, adversarial prompts that bypass model alignment to trigger harmful outputs, present significant risks, with existing studies reporting high success rates in evading common LLMs. However,...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/30 12:0 a.m.6 views

Correctness of Extended RSA Public Key Cryptosystem

This paper proposes an alternative approach to formally establishing the correctness of the RSA public key cryptosystem. The methodology presented herein deviates slightly from conventional proofs found in existing literature. Specifically, this study explores the conditions under which the choic...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/30 12:0 a.m.4 views

SourceBroken: A Large-Scale Analysis on the (Un)Reliability of SourceRank in the PyPI Ecosystem

SourceRank is a scoring system made of 18 metrics that assess the popularity and quality of open-source packages. Despite being used in several recent studies, none has thoroughly analyzed its reliability against evasion attacks aimed at inflating the score of malicious packages, thereby...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/30 12:0 a.m.6 views

Training-Free Color-Aware Adversarial Diffusion Sanitization for Diffusion Stegomalware Defense at Security Gateways

The rapid expansion of generative AI has normalized large-scale synthetic media creation, enabling new forms of covert communication. Recent generative steganography methods, particularly those based on diffusion models, can embed high-capacity payloads without fine-tuning or auxiliary decoders,...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/30 12:0 a.m.5 views

Large Empirical Case Study: Go-Explore Adapted for AI Red Team Testing

Production LLM agents with tool-using capabilities require security testing despite their safety training. We adapt Go-Explore to evaluate GPT-4o-mini across 28 experimental runs spanning six research questions. We find that random-seed variance dominates algorithmic parameters, yielding an 8x...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/29 12:0 a.m.9 views

Securing the AI Supply Chain: What Can We Learn from Developer-Reported Security Issues and Solutions of AI Projects?

The rapid growth of Artificial Intelligence AI models and applications has led to an increasingly complex security landscape. Developers of AI projects must contend not only with traditional software supply chain issues but also with novel, AI-specific security threats. However, little is known...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/29 12:0 a.m.10 views

Agentic AI for Autonomous Defense in Software Supply Chain Security: Beyond Provenance to Vulnerability Mitigation

The software supply chain attacks are becoming more and more focused on trusted development and delivery procedures, so the conventional post-build integrity mechanisms cannot be used anymore. The available frameworks like SLSA, SBOM and in toto are majorly used to offer provenance and traceabili...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/29 12:0 a.m.5 views

Research Directions in Quantum Computer Cybersecurity

This document presents a concise overview of the contemporary research directions in quantum computer cybersecurity. The aim of this document is not to be a survey, but rather a succinct summary of the major research directions in quantum computer cybersecurity at the end of the first half of the...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/29 12:0 a.m.7 views

MeLeMaD: Adaptive Malware Detection Via Chunk-Wise Feature Selection and Meta-Learning

Confronting the substantial challenges of malware detection in cybersecurity necessitates solutions that are both robust and adaptable to the ever-evolving threat environment. The paper introduces Meta Learning Malware Detection MeLeMaD, a novel framework leveraging the adaptability and...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/29 12:0 a.m.5 views

Security without Detection: Economic Denial As a Primitive for Edge and IoT Defense

Detection-based security fails against sophisticated attackers using encryption, stealth, and low-rate techniques, particularly in IoT/edge environments where resource constraints preclude ML-based intrusion detection. We present Economic Denial Security EDS, a detection-independent framework tha...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/29 12:0 a.m.21 views

Toward Trustworthy Agentic AI: A Multimodal Framework for Preventing Prompt Injection Attacks

Powerful autonomous systems, which reason, plan, and converse using and between numerous tools and agents, are made possible by Large Language Models LLMs, Vision-Language Models VLMs, and new agentic AI systems, like LangChain and GraphChain. Nevertheless, this agentic environment increases the...

7.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/29 12:0 a.m.5 views

Breaking Audio Large Language Models by Attacking Only the Encoder: A Universal Targeted Latent-Space Audio Attack

Audio-language models combine audio encoders with large language models to enable multimodal reasoning, but they also introduce new security vulnerabilities. We propose a universal targeted latent space attack, an encoder-level adversarial attack that manipulates audio latent representations to...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/29 12:0 a.m.6 views

Application-Specific Power Side-Channel Attacks and Countermeasures: A Survey

Side-channel attacks try to extract secret information from a system by analyzing different side-channel signatures, such as power consumption, electromagnetic emanation, thermal dissipation, acoustics, time, etc. Power-based side-channel attack is one of the most prominent side-channel attacks i...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/29 12:0 a.m.12 views

Zero-Trust Agentic Federated Learning for Secure IIoT Defense Systems

Recent attacks on critical infrastructure, including the 2021 Oldsmar water treatment breach and 2023 Danish energy sector compromises, highlight urgent security gaps in Industrial IoT IIoT deployments. While Federated Learning FL enables privacy-preserving collaborative intrusion detection,...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/29 12:0 a.m.5 views

Practical Quantum Teleportation with Finite-Energy Codebooks

Quantum communication exploits non-classical correlations to achieve efficient and unconditionally secure exchange of information. In particular, the quantum teleportation protocol allows for a deterministic and secure transfer of unknown quantum states by using pre-shared quantum entanglement an...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/28 12:0 a.m.7 views

Breaking the Illusion: Automated Reasoning of GDPR Consent Violations

Recent privacy regulations such as the General Data Protection Regulation GDPR and the California Consumer Privacy Act CCPA have established legal requirements for obtaining user consent regarding the collection, use, and sharing of personal data. These regulations emphasize that consent must be...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/28 12:0 a.m.8 views

EquaCode: A Multi-Strategy Jailbreak Approach for Large Language Models Via Equation Solving and Code Completion

Large language models LLMs, such as ChatGPT, have achieved remarkable success across a wide range of fields. However, their trustworthiness remains a significant concern, as they are still susceptible to jailbreak attacks aimed at eliciting inappropriate or harmful responses. However, existing...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/28 12:0 a.m.25 views

SecureBank: A Financially-Aware Zero Trust Architecture for High-Assurance Banking Systems

Financial institutions increasingly rely on distributed architectures, open banking APIs, cloud native infrastructures, and high frequency digital transactions. These transformations expand the attack surface and expose limitations in traditional perimeter based security models. While Zero Trust...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/28 12:0 a.m.9 views

Agentic AI for Cyber Resilience: A New Security Paradigm and Its System-Theoretic Foundations

Cybersecurity is being fundamentally reshaped by foundation-model-based artificial intelligence. Large language models now enable autonomous planning, tool orchestration, and strategic adaptation at scale, challenging security architectures built on static rules, perimeter defenses, and...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/28 12:0 a.m.6 views

Multi-Agent Framework for Threat Mitigation and Resilience in AI-Based Systems

Machine learning ML underpins foundation models in finance, healthcare, and critical infrastructure, making them targets for data poisoning, model extraction, prompt injection, automated jailbreaking, and preference-guided black-box attacks that exploit model comparisons. Larger models can be mor...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/27 12:0 a.m.6 views

SCyTAG: Scalable Cyber-Twin for Threat-Assessment Based on Attack Graphs

Understanding the risks associated with an enterprise environment is the first step toward improving its security. Organizations employ various methods to assess and prioritize the risks identified in cyber threat intelligence CTI reports that may be relevant to their operations. Some methodologi...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/27 12:0 a.m.5 views

Toward Real-World IoT Security: Concept Drift-Resilient IoT Botnet Detection Via Latent Space Representation Learning and Alignment

Although AI-based models have achieved high accuracy in IoT threat detection, their deployment in enterprise environments is constrained by reliance on stationary datasets that fail to reflect the dynamic nature of real-world IoT NetFlow traffic, which is frequently affected by concept drift...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/27 12:0 a.m.15 views

When RSA Fails: Exploiting Prime Selection Vulnerabilities in Public Key Cryptography

This paper explores vulnerabilities in RSA cryptosystems that arise from improper prime number selection during key generation. We examine two primary attack vectors: Fermat's factorization method, which exploits RSA keys generated with primes that are too close together, and the Greatest Common...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/27 12:0 a.m.10 views

From Rookie to Expert: Manipulating LLMs for Automated Vulnerability Exploitation in Enterprise Software

LLMs democratize software engineering by enabling non-programmers to create applications, but this same accessibility fundamentally undermines security assumptions that have guided software engineering for decades. We show in this work how publicly available LLMs can be socially engineered to...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/26 12:0 a.m.3 views

American Fuzzy Lop plus plus 4.35c

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/26 12:0 a.m.4 views

ReSMT: An SMT-Based Tool for Reverse Engineering

Software obfuscation techniques make code more difficult to understand, without changing its functionality. Such techniques are often used by authors of malicious software to avoid detection. Reverse Engineering of obfuscated code, i.e., the process of overcoming obfuscation and answering questio...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/26 12:0 a.m.7 views

Beyond Single Bugs: Benchmarking Large Language Models for Multi-Vulnerability Detection

Large Language Models LLMs have demonstrated significant potential in automated software security, particularly in vulnerability detection. However, existing benchmarks primarily focus on isolated, single-vulnerability samples or function-level classification, failing to reflect the complexity of...

7AI score
Exploits0
Total number of security vulnerabilities6825