Lucene search
K
PacketstormnewsRecent

6825 matches found

Packet Storm News
Packet Storm News
•added 2025/12/25 12:0 a.m.•5 views

When the Base Station Flies: Rethinking Security for UAV-Based 6G Networks

The integration of non-terrestrial networks NTNs into 6G systems is crucial for achieving seamless global coverage, particularly in underserved and disaster-prone regions. Among NTN platforms, unmanned aerial vehicles UAVs are especially promising due to their rapid deployability. However, this...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/25 12:0 a.m.•7 views

Analyzing Code Injection Attacks on LLM-Based Multi-Agent Systems in Software Development

Agentic AI and Multi-Agent Systems are poised to dominate industry and society imminently. Powered by goal-driven autonomy, they represent a powerful form of generative AI, marking a transition from reactive content generation into proactive multitasking capabilities. As an exemplar, we propose a...

7.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/25 12:0 a.m.•7 views

Securing Cross-Domain Internet of Drones: An RFF-PUF Allied Authenticated Key Exchange Protocol with Over-The-Air Enrollment

The Internet of Drones IoD is an emerging and crucial paradigm enabling advanced applications that require seamless, secure communication across heterogeneous and untrusted domains. In such environments, access control and the transmission of sensitive data pose significant security challenges fo...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/25 12:0 a.m.•6 views

A Statistical Side-Channel Risk Model for Timing Variability in Lattice-Based Post-Quantum Cryptography

Timing side-channels are an important threat to cryptography that still needs to be addressed in implementations, and the advent of post-quantum cryptography raises this issue because the lattice-based schemes may produce secret-dependent timing variability with the help of complex arithmetic and...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/25 12:0 a.m.•5 views

Machine Learning Power Side-Channel Attack on SNOW-V

This paper demonstrates a power analysis-based Side-Channel Analysis SCA attack on the SNOW-V encryption algorithm, which is a 5G mobile communication security standard candidate. Implemented on an STM32 microcontroller, power traces captured with a ChipWhisperer board were analyzed, with Test...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/25 12:0 a.m.•6 views

Exploring the Security Threats of Retriever Backdoors in Retrieval-Augmented Code Generation

Retrieval-Augmented Code Generation RACG is increasingly adopted to enhance Large Language Models for software development, yet its security implications remain dangerously underexplored. This paper conducts the first systematic exploration of a critical and stealthy threat: backdoor attacks...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/25 12:0 a.m.•6 views

Verifiable Passkey: The Decentralized Authentication Standard

Passwordless authentication has revolutionized the way we authenticate across various websites and services. FIDO2 Passkeys, is one of the most-widely adopted standards of passwordless authentication that promises phishing-resistance. However, like any other authentication system, passkeys requir...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/24 12:0 a.m.•4 views

AutoBaxBuilder: Bootstrapping Code Security Benchmarking

As LLMs see wide adoption in software engineering, the reliable assessment of the correctness and security of LLM-generated code is crucial. Notably, prior work has demonstrated that security is often overlooked, exposing that LLMs are prone to generating code with security vulnerabilities. These...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/24 12:0 a.m.•27 views

LLM-Driven Feature-Level Adversarial Attacks on Android Malware Detectors

The rapid growth in both the scale and complexity of Android malware has driven the widespread adoption of machine learning ML techniques for scalable and accurate malware detection. Despite their effectiveness, these models remain vulnerable to adversarial attacks that introduce carefully crafte...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/24 12:0 a.m.•13 views

Security Risks Introduced by Weak Authentication in Smart Home IoT Systems

Smart home IoT systems rely on authentication mechanisms to ensure that only authorized entities can control devices and access sensitive functionality. In practice, these mechanisms must balance security with usability, often favoring persistent connectivity and minimal user interaction. This...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/24 12:0 a.m.•6 views

Assessing the Software Security Comprehension of Large Language Models

Large language models LLMs are increasingly used in software development, but their level of software security expertise remains unclear. This work systematically evaluates the security comprehension of five leading LLMs: GPT-4o-Mini, GPT-5-Mini, Gemini-2.5-Flash, Llama-3.1, and Qwen-2.5, using...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/24 12:0 a.m.•5 views

Uncertainty in Security: Managing Cyber Senescence

My main worry, and the core of my research, is that our cybersecurity ecosystem is slowly but surely aging and getting old and that aging is becoming an operational risk. This is happening not only because of growing complexity, but more importantly because of accumulation of controls and measure...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/24 12:0 a.m.•6 views

The Imitation Game: Using Large Language Models As Chatbots to Combat Chat-Based Cybercrimes

Chat-based cybercrime has emerged as a pervasive threat, with attackers leveraging real-time messaging platforms to conduct scams that rely on trust-building, deception, and psychological manipulation. Traditional defense mechanisms, which operate on static rules or shallow content filters,...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/24 12:0 a.m.•6 views

CoTDeceptor:Adversarial Code Obfuscation against CoT-Enhanced LLM Code Agents

LLM-based code agentse.g., ChatGPT Codex are increasingly deployed as detector for code review and security auditing tasks. Although CoT-enhanced LLM vulnerability detectors are believed to provide improved robustness against obfuscated malicious code, we find that their reasoning chains and...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/24 12:0 a.m.•4 views

Neutralization of IMU-Based GPS Spoofing Detection Using External IMU Sensor and Feedback Methodology

Autonomous Vehicles AVs refer to systems capable of perceiving their states and moving without human intervention. Among the factors required for autonomous decision-making in mobility, positional awareness of the vehicle itself is the most critical. Accordingly, extensive research has been...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/24 12:0 a.m.•7 views

ESET Threat Report H2 2025

This is the H2 2025 issue of the ESET Threat Report. It covers everything from AI malware to NFC threat trends. The threat statistics and trends presented in this report are based on global telemetry data from ESET...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/23 12:0 a.m.•5 views

On the Effectiveness of Instruction-Tuning Local LLMs for Identifying Software Vulnerabilities

Large Language Models LLMs show significant promise in automating software vulnerability analysis, a critical task given the impact of security failure of modern software systems. However, current approaches in using LLMs to automate vulnerability analysis mostly rely on using online API-based LL...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/23 12:0 a.m.•8 views

Failure Analysis of Safety Controllers in Autonomous Vehicles under Object-Based LiDAR Attacks

Autonomous vehicles rely on LiDAR based perception to support safety critical control functions such as adaptive cruise control and automatic emergency braking. While previous research has shown that LiDAR perception can be manipulated through object based spoofing and injection attacks, the impa...

7.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/23 12:0 a.m.•6 views

Anota: Identifying Business Logic Vulnerabilities Via Annotation-Based Sanitization

Detecting business logic vulnerabilities is a critical challenge in software security. These flaws come from mistakes in an application's design or implementation and allow attackers to trigger unintended application behavior. Traditional fuzzing sanitizers for dynamic analysis excel at finding...

7.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/23 12:0 a.m.•12 views

Power Side-Channel Analysis of the CVA6 RISC-V Core at the RTL Level Using VeriSide

Security in modern RISC-V processors demands more than functional correctness: It requires resilience to side-channel attacks. This paper evaluates the vulnerability of the side channel of the CVA6 RISC-V core by analyzing software-based AES encryption uses an RTL-level power profiling framework...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/23 12:0 a.m.•7 views

Real-World Adversarial Attacks on RF-Based Drone Detectors

Radio frequency RF based systems are increasingly used to detect drones by analyzing their RF signal patterns, converting them into spectrogram images which are processed by object detection models. Existing RF attacks against image based models alter digital features, making over-the-air OTA...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/23 12:0 a.m.•25 views

Odysseus: Jailbreaking Commercial Multimodal LLM-Integrated Systems Via Dual Steganography

By integrating language understanding with perceptual modalities such as images, multimodal large language models MLLMs constitute a critical substrate for modern AI systems, particularly intelligent agents operating in open and interactive environments. However, their increasing accessibility al...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/23 12:0 a.m.•6 views

Key Length-Oriented Classification of Lightweight Cryptographic Algorithms for IoT Security

The successful deployment of the Internet of Things IoT applications relies heavily on their robust security, and lightweight cryptography is considered an emerging solution in this context. While existing surveys have been examining lightweight cryptographic techniques from the perspective of...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/23 12:0 a.m.•4 views

Better Call Graphs: A New Dataset of Function Call Graphs for Malware Classification

Function call graphs FCGs have emerged as a powerful abstraction for malware detection, capturing the behavioral structure of applications beyond surface-level signatures. Their utility in traditional program analysis has been well established, enabling effective classification and analysis of...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/23 12:0 a.m.•11 views

SemCovert: Secure and Covert Video Transmission Via Deep Semantic-Level Hiding

Video semantic communication, praised for its transmission efficiency, still faces critical challenges related to privacy leakage. Traditional security techniques like steganography and encryption are challenging to apply since they are not inherently robust against semantic-level transformations...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/23 12:0 a.m.•5 views

Post-Quantum Cryptography in the 5G Core

In this work, the conventional cryptographic algorithms used in the 5G Core are replaced with post-quantum alternatives and the practical impact of this transition is evaluated. Using a simulation environment, we model the registration and deregistration of varying numbers of user equipments UEs...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/23 12:0 a.m.•10 views

Satellite Cybersecurity across Orbital Altitudes: Analyzing Ground-Based Threats to LEO, MEO, and GEO

The rapid proliferation of satellite constellations, particularly in Low Earth Orbit LEO, has fundamentally altered the global space infrastructure, shifting the risk landscape from purely kinetic collisions to complex cyber-physical threats. While traditional safety frameworks focus on debris...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/23 12:0 a.m.•13 views

Evasion-Resilient Detection of DNS-Over-HTTPS Data Exfiltration: A Practical Evaluation and Toolkit

The purpose of this project is to assess how well defenders can detect DNS-over-HTTPS DoH file exfiltration, and which evasion strategies can be used by attackers. While providing a reproducible toolkit to generate, intercept and analyze DoH exfiltration, and comparing Machine Learning vs...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/22 12:0 a.m.•9 views

Holoscope: Open and Lightweight Distributed Telescope and Honeypot Platform

The complexity and scale of Internet attacks call for distributed, cooperative observatories capable of monitoring malicious traffic across diverse networks. Holoscope is a lightweight, cloud-native platform designed to simplify the deployment and management of distributed telescope passive and...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/22 12:0 a.m.•7 views

IoT-Based Android Malware Detection Using Graph Neural Network with Adversarial Defense

Since the Internet of Things IoT is widely adopted using Android applications, detecting malicious Android apps is essential. In recent years, Android graph-based deep learning research has proposed many approaches to extract relationships from applications as graphs to generate graph embeddings...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/22 12:0 a.m.•5 views

Anti-Malicious ISAC: How to Jointly Monitor and Disrupt Your Foes?

Integrated sensing and communication ISAC systems are key enablers of future networks but raise significant security concerns. In this realm, the emergence of malicious ISAC systems has amplified the need for authorized parties to legitimately monitor suspicious communication links and protect...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/22 12:0 a.m.•6 views

Elevating Intrusion Detection and Security Fortification in Intelligent Networks through Cutting-Edge Machine Learning Paradigms

The proliferation of IoT devices and their reliance on Wi-Fi networks have introduced significant security vulnerabilities, particularly the KRACK and Kr00k attacks, which exploit weaknesses in WPA2 encryption to intercept and manipulate sensitive data. Traditional IDS using classifiers face...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/22 12:0 a.m.•4 views

6DAttack: Backdoor Attacks in the 6DoF Pose Estimation

Deep learning advances have enabled accurate six-degree-of-freedom 6DoF object pose estimation, widely used in robotics, AR/VR, and autonomous systems. However, backdoor attacks pose significant security risks. While most research focuses on 2D vision, 6DoF pose estimation remains largely...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/22 12:0 a.m.•6 views

ReGAIN: Retrieval-Grounded AI Framework for Network Traffic Analysis

Modern networks generate vast, heterogeneous traffic that must be continuously analyzed for security and performance. Traditional network traffic analysis systems, whether rule-based or machine learning-driven, often suffer from high false positives and lack interpretability, limiting analyst...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/22 12:0 a.m.•7 views

Energy-Efficient Multi-LLM Reasoning for Binary-Free Zero-Day Detection in IoT Firmware

Securing Internet of Things IoT firmware remains difficult due to proprietary binaries, stripped symbols, heterogeneous architectures, and limited access to executable code. Existing analysis methods, such as static analysis, symbolic execution, and fuzzing, depend on binary visibility and...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/22 12:0 a.m.•36 views

Causal-Guided Detoxify Backdoor Attack of Open-Weight LoRA Models

Low-Rank Adaptation LoRA has emerged as an efficient method for fine-tuning large language models LLMs and is widely adopted within the open-source community. However, the decentralized dissemination of LoRA adapters through platforms such as Hugging Face introduces novel security vulnerabilities...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/22 12:0 a.m.•5 views

Evaluating MCC for Low-Frequency Cyberattack Detection in Imbalanced Intrusion Detection Data

In many real-world network environments, several types of cyberattacks occur at very low rates compared to benign traffic, making them difficult for intrusion detection systems IDS to detect reliably. This imbalance causes traditional evaluation metrics, such as accuracy, to often overstate model...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/21 12:0 a.m.•6 views

An Evidence-Driven Analysis of Threat Information Sharing Challenges for Industrial Control Systems and Future Directions

The increasing cyber threats to critical infrastructure highlight the importance of private companies and government agencies in detecting and sharing information about threat activities. Although the need for improved threat information sharing is widely recognized, various technical and...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/21 12:0 a.m.•5 views

Needles in a Haystack: Using Forensic Network Science to Uncover Insider Trading

Although the automation and digitisation of anti-financial crime investigation has made significant progress in recent years, detecting insider trading remains a unique challenge, partly due to the limited availability of labelled data. To address this challenge, we propose using a data-driven...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/21 12:0 a.m.•11 views

Efficient Jailbreak Mitigation Using Semantic Linear Classification in a Multi-Staged Pipeline

Prompt injection and jailbreaking attacks pose persistent security challenges to large language model LLM-based systems. We present an efficient and systematically evaluated defense architecture that mitigates these threats through a lightweight, multi-stage pipeline. Its core component is a...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/21 12:0 a.m.•7 views

DeepGuard: Defending Deep Joint Source-Channel Coding against Eavesdropping at Physical-Layer

Deep joint source-channel coding DeepJSCC has emerged as a promising paradigm for efficient and robust information transmission. However, its intrinsic characteristics also pose new security challenges, notably an increased vulnerability to eavesdropping attacks. Existing studies on defending...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/21 12:0 a.m.•10 views

Quantum-Resistant Cryptographic Models for Next-Gen Cybersecurity

Another threat is the development of large quantum computers, which have a high likelihood of breaking the high popular security protocols because it can use both Shor and Grover algorithms. In order to fix this looming threat, quantum-resistant cryptographic systems, otherwise known as...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/21 12:0 a.m.•4 views

DREAM: Dynamic Red-Teaming across Environments for AI Models

Large Language Models LLMs are increasingly used in agentic systems, where their interactions with diverse tools and environments create complex, multi-stage safety challenges. However, existing benchmarks mostly rely on static, single-turn assessments that miss vulnerabilities from adaptive,...

7.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/20 12:0 a.m.•6 views

SoK: Understanding (New) Security Issues across AI4Code Use Cases

AI-for-Code AI4Code systems are reshaping software engineering, with tools like GitHub Copilot accelerating code generation, translation, and vulnerability detection. Alongside these advances, however, security risks remain pervasive: insecure outputs, biased benchmarks, and susceptibility to...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/20 12:0 a.m.•6 views

Enhancing Decision-Making in Windows PE Malware Classification during Dataset Shifts with Uncertainty Estimation

Artificial intelligence techniques have achieved strong performance in classifying Windows Portable Executable PE malware, but their reliability often degrades under dataset shifts, leading to misclassifications with severe security consequences. To address this, we enhance an existing LightGBM...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/20 12:0 a.m.•32 views

AI Code in the Wild: Measuring Security Risks and Ecosystem Shifts of AI-Generated Code in Modern Software

Large language models LLMs for code generation are becoming integral to modern software development, but their real-world prevalence and security impact remain poorly understood. We present the first large-scale empirical study of AI-generated code AIGCode in the wild. We build a high-precision...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/20 12:0 a.m.•7 views

Software Vulnerability Management in the Era of Artificial Intelligence: An Industry Perspective

Artificial Intelligence AI has revolutionized software development, particularly by automating repetitive tasks and improving developer productivity. While these advancements are well-documented, the use of AI-powered tools for Software Vulnerability Management SVM, such as vulnerability detectio...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/20 12:0 a.m.•5 views

MORPHEUS: A Multidimensional Framework for Modeling, Measuring, and Mitigating Human Factors in Cybersecurity

Current cybersecurity research increasingly acknowledges the human factor, yet remains fragmented, often treating user vulnerabilities as isolated and static traits. This paper introduces MORPHEUS, a holistic framework that operationalizes human-centric security as a dynamic and interconnected...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/20 12:0 a.m.•5 views

Cyber Threat Detection Enabled by Quantum Computing

Threat detection models in cybersecurity must keep up with shifting traffic, strict feature budgets, and noisy hardware, yet even strong classical systems still miss rare or borderline attacks when the data distribution drifts. Small, near-term quantum processors are now available, but existing...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/19 12:0 a.m.•4 views

New Exam Security Questions in the AI Era: Comparing AI-Generated Item Similarity between Naive and Detail-Guided Prompting Approaches

Large language models LLMs have emerged as powerful tools for generating domain-specific multiple-choice questions MCQs, offering efficiency gains for certification boards but raising new concerns about examination security. This study investigated whether LLM-generated items created with...

6.6AI score
Exploits0
Total number of security vulnerabilities6825