Lucene search
K
PacketstormnewsRecent

6825 matches found

Packet Storm News
Packet Storm News
•added 2025/12/19 12:0 a.m.•17 views

RAPTOR - Autonomous Offensive/Defensive Security Research Framework

RAPTOR is an autonomous offensive/defensive security research framework, based on Claude Code. It empowers security research with agentic workflows and automation. RAPTOR stands for Recursive Autonomous Penetration Testing and Observation Robot...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/19 12:0 a.m.•4 views

CISA: Suspicious Unmanned Aircraft System Activity Guidance

Suspicious Unmanned Aircraft System Activity Guidance for Critical Infrastructure Owners and Operators is intended for critical infrastructure stakeholders who are concerned with unmanned aircraft system UAS activity near or around their facilities...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/19 12:0 a.m.•6 views

MAD-OOD: A Deep Learning Cluster-Driven Framework for an Out-Of-Distribution Malware Detection and Classification

Out of distribution OOD detection remains a critical challenge in malware classification due to the substantial intra family variability introduced by polymorphic and metamorphic malware variants. Most existing deep learning based malware detectors rely on closed world assumptions and fail to...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/19 12:0 a.m.•7 views

Cryptanalysis of Pseudorandom Error-Correcting Codes

Pseudorandom error-correcting codes PRC is a novel cryptographic primitive proposed at CRYPTO 2024. Due to the dual capability of pseudorandomness and error correction, PRC has been recognized as a promising foundational component for watermarking AI-generated content. However, the security of PR...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/19 12:0 a.m.•13 views

Securing Agentic AI Systems -- a Multilayer Security Framework

Securing Agentic Artificial Intelligence AI systems requires addressing the complex cyber risks introduced by autonomous, decision-making, and adaptive behaviors. Agentic AI systems are increasingly deployed across industries, organizations, and critical sectors such as cybersecurity, finance, an...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/19 12:0 a.m.•4 views

CISA: Safe Handling Considerations for Downed Unmanned Aircraft Systems

Safe Handling Considerations for Downed Unmanned Aircraft Systems provides information on how to prepare for and respond to downed unmanned aircraft systems UAS that may pose a safety or security concern...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/19 12:0 a.m.•7 views

Social Engineering Attacks: A Systemisation of Knowledge on People against Humans

Our systematisation of knowledge on Social Engineering Attacks SEAs, identifies the human, organisational, and adversarial dimensions of cyber threats. It addresses the growing risks posed by SEAs, highly relevant in the context physical cyber places, such as travellers at airports and residents ...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/19 12:0 a.m.•5 views

PROVEX: Enhancing SOC Analyst Trust with Explainable Provenance-Based IDS

Modern intrusion detection systems IDS leverage graph neural networks GNNs to detect malicious activity in system provenance data, but their decisions often remain a black box to analysts. This paper presents a comprehensive XAI framework designed to bridge the trust gap in Security Operations...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/19 12:0 a.m.•7 views

GRAudit Grep Auditing Tool 4.0

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/19 12:0 a.m.•5 views

Optimizing Epsilon Security Parameters in QKD

We investigate the optimization of epsilon-security parameters in quantum key distribution QKD, aiming to improve the achievable secure key rate under a fixed overall composable security level. For this purpose, we employ a continuous genetic algorithm CGA to optimize the epsilon-security...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/19 12:0 a.m.•7 views

GameDriverX64.sys 7.23.4.7 Resource Consumption

GameDriverX64.sys versions 7.23.4.7 and below suffers from an uncontrolled resource consumption vulnerability...

5.5CVSS7AI score0.00275EPSS
Exploits2
Packet Storm News
Packet Storm News
•added 2025/12/19 12:0 a.m.•24 views

A Practical Solution to Systematically Monitor Inconsistencies in SBOM-Based Vulnerability Scanners

Software Bill of Materials SBOM provides new opportunities for automated vulnerability identification in software products. While the industry is adopting SBOM-based Vulnerability Scanning SVS to identify vulnerabilities, we increasingly observe inconsistencies and unexpected behavior, that resul...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/18 12:0 a.m.•8 views

Phishing Detection System: An Ensemble Approach Using Character-Level CNN and Feature Engineering

In actuality, phishing attacks remain one of the most prevalent cybersecurity risks in existence today, with malevolent actors constantly changing their strategies to successfully trick users. This paper presents an AI model for a phishing detection system that uses an ensemble approach to combin...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/18 12:0 a.m.•8 views

Jailbreak-Zero: A Path to Pareto Optimal Red Teaming for Large Language Models

This paper introduces Jailbreak-Zero, a novel red teaming methodology that shifts the paradigm of Large Language Model LLM safety evaluation from a constrained example-based approach to a more expansive and effective policy-based framework. By leveraging an attack LLM to generate a high volume of...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/18 12:0 a.m.•6 views

Large Language Models As a (Bad) Security Norm in the Context of Regulation and Compliance

The use of Large Language Models LLM by providers of cybersecurity and digital infrastructures of all kinds is an ongoing development. It is suggested and on an experimental basis used to write the code for the systems, and potentially fed with sensitive data or what would otherwise be considered...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/18 12:0 a.m.•7 views

SoK: Reviewing Two Decades of Security, Privacy, Accessibility, and Usability Studies on Internet of Things for Older Adults

The Internet of Things IoT has the potential to enhance older adults' independence and quality of life, but it also exposes them to security, privacy, accessibility, and usability SPAU risks. We conducted a systematic review of 44 peer-reviewed studies published between 2004 and 2024 using a...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/18 12:0 a.m.•31 views

A Systematic Study of Code Obfuscation against LLM-Based Vulnerability Detection

As large language models LLMs are increasingly adopted for code vulnerability detection, their reliability and robustness across diverse vulnerability types have become a pressing concern. In traditional adversarial settings, code obfuscation has long been used as a general strategy to bypass...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/18 12:0 a.m.•7 views

A First Look at Common RPKI Publication Practices

The RPKI is crucial for securing the routing system of the Internet. With the RPKI, owners of Internet resources can make cryptographically backed claims, for example about the legitimate origin of their IP space. Thousands of networks use this information to detect malicious or accidental route...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/18 12:0 a.m.•7 views

AutoDFBench 1.0: A Benchmarking Framework for Digital Forensic Tool Testing and Generated Code Evaluation

The National Institute of Standards and Technology NIST Computer Forensic Tool Testing CFTT programme has become the de facto standard for providing digital forensic tool testing and validation. However to date, no comprehensive framework exists to automate benchmarking across the diverse forensi...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/18 12:0 a.m.•11 views

Security Risks of Agentic Vehicles: A Systematic Analysis of Cognitive and Cross-Layer Threats

Agentic AI is increasingly being explored and introduced in both manually driven and autonomous vehicles, leading to the notion of Agentic Vehicles AgVs, with capabilities such as memory-based personalization, goal interpretation, strategic reasoning, and tool-mediated assistance. While framework...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/18 12:0 a.m.•6 views

NGCaptcha: A CAPTCHA Bridging the past and the Future

CAPTCHAs are widely employed for distinguishing humans from automated bots online. However, current vision based CAPTCHAs face escalating security risks: traditional attacks continue to bypass many deployed CAPTCHA schemes, and recent breakthroughs in AI, particularly large scale vision models,...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/17 12:0 a.m.•31 views

Time Will Tell: Large-Scale De-Anonymization of Hidden I2P Services Via Live Behavior Alignment (Extended Version)

I2P Invisible Internet Project is a popular anonymous communication network. While existing de-anonymization methods for I2P focus on identifying potential traffic patterns of target hidden services among extensive network traffic, they often fail to scale effectively across the large and diverse...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/17 12:0 a.m.•4 views

Packed Malware Detection Using Grayscale Binary-To-Image Representations

Detecting packed executables is a critical step in malware analysis, as packing obscures the original code and complicates static inspection. This study evaluates both classical feature-based methods and deep learning approaches that transform binary executables into visual representations,...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/17 12:0 a.m.•6 views

Random Coding for Long-Range Continuous-Variable QKD

Quantum Key Distribution QKD schemes are key exchange protocols based on the physical properties of quantum channels. They avoid the computational-hardness assumptions that underlie the security of classical key exchange. Continuous-Variable QKD CVQKD, in contrast to qubit-based discrete-variable...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/17 12:0 a.m.•12 views

Security Aspects of ISO 15118 Plug and Charge Payment

For the rise of electric vehicles, especially for long-distance driving, minimizing charging times is vital. While multiple standards for DC fast charging exist, the leading standard in Europe is ISO 15118. In theory, this standard is accompanied by a variety of security controls, ensuring the...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/17 12:0 a.m.•8 views

WuppieFuzz: Coverage-Guided, Stateful REST API Fuzzing

Many business processes currently depend on web services, often using REST APIs for communication. REST APIs expose web service functionality through endpoints, allowing easy client interaction over the Internet. To reduce the security risk resulting from exposed endpoints, thorough testing is...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/17 12:0 a.m.•5 views

Bounty Hunter: Autonomous, Comprehensive Emulation of Multi-Faceted Adversaries

Adversary emulation is an essential procedure for cybersecurity assessments such as evaluating an organization's security posture or facilitating structured training and research in dedicated environments. To allow for systematic and time-efficient assessments, several approaches from academia an...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/17 12:0 a.m.•14 views

Talking to the Airgap: Exploiting Radio-Less Embedded Devices As Radio Receivers

Intelligent electronics are deeply embedded in critical infrastructures and must remain reliable, particularly against deliberate attacks. To minimize risks and impede remote compromise, sensitive systems can be physically isolated from external networks, forming an airgap. Yet, airgaps can still...

8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/17 12:0 a.m.•9 views

Analysing Multidisciplinary Approaches to Fight Large-Scale Digital Influence Operations

Crime as a Service CaaS has evolved from isolated criminal incidents to a broad spectrum of illicit activities, including social media manipulation, foreign information manipulation and interference FIMI, and the sale of disinformation toolkits. This article analyses how threat actors exploit...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/17 12:0 a.m.•9 views

CAPIO: Safe Kernel-Bypass of Commodity Devices Using Capabilities

Securing low-latency I/O in commodity systems forces a fundamental trade-off: rely on the kernel's high overhead mediated interface, or bypass it entirely, exposing sensitive hardware resources to userspace and creating new vulnerabilities. This dilemma stems from a hardware granularity mismatch:...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/17 12:0 a.m.•5 views

Quantum Machine Learning for Cybersecurity: A Taxonomy and Future Directions

The increasing number of cyber threats and rapidly evolving tactics, as well as the high volume of data in recent years, have caused classical machine learning, rules, and signature-based defence strategies to fail, rendering them unable to keep up. An alternative, Quantum Machine Learning QML, h...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/16 12:0 a.m.•6 views

Nuclei 3.6.1

Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates. It empowers you to design custom vulnerability detection scenarios that mimic real-world conditions, leading to zero false positives...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/16 12:0 a.m.•6 views

Trust in LLM-Controlled Robotics: A Survey of Security Threats, Defenses and Challenges

The integration of Large Language Models LLMs into robotics has revolutionized their ability to interpret complex human commands and execute sophisticated tasks. However, such paradigm shift introduces critical security vulnerabilities stemming from the ''embodiment gap'', a discord between the...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/16 12:0 a.m.•6 views

FreeBSD Security Advisory - FreeBSD-SA-25:11.ipfw

FreeBSD Security Advisory - In some cases, the 'tcp-setmss' handler may free the packet data and throw an error without halting the rule processing engine. A subsequent rule can then allow the traffic after the packet data is gone, resulting in a NULL pointer dereference...

6.9AI score0.01097EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/16 12:0 a.m.•5 views

ScamSweeper: Detecting Illegal Accounts in Web3 Scams Via Transactions Analysis

The web3 applications have recently been growing, especially on the Ethereum platform, starting to become the target of scammers. The web3 scams, imitating the services provided by legitimate platforms, mimic regular activity to deceive users. However, previous studies have primarily concentrated...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/16 12:0 a.m.•6 views

An Empirical Analysis of Zero-Day Vulnerabilities Disclosed by the Zero Day Initiative

Zero-day vulnerabilities represent some of the most critical threats in cybersecurity, as they correspond to previously unknown flaws in software or hardware that are actively exploited before vendors can develop and deploy patches. During this exposure window, affected systems remain defenseless...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/16 12:0 a.m.•7 views

GRR 4.0.0.0

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/16 12:0 a.m.•5 views

Intrusion Detection in Internet of Vehicles Using Machine Learning

The Internet of Vehicles IoV has evolved modern transportation through enhanced connectivity and intelligent systems. However, this increased connectivity introduces critical vulnerabilities, making vehicles susceptible to cyber-attacks such Denial-ofService DoS and message spoofing. This project...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/16 12:0 a.m.•10 views

FreeBSD Security Advisory - FreeBSD-SA-25:12.rtsold

FreeBSD Security Advisory - The rtsol8 and rtsold8 programs do not validate the domain search list options provided in router advertisement messages; the option body is passed to resolvconf8 unmodified. resolvconf8 is a shell script which does not validate its input. A lack of quoting meant that...

7AI score0.06272EPSS
Exploits7
Packet Storm News
Packet Storm News
•added 2025/12/16 12:0 a.m.•5 views

HAL -- an Open-Source Framework for Gate-Level Netlist Analysis

HAL is an open-source framework for gate-level netlist analysis, an integral step in hardware reverse engineering. It provides analysts with an interactive GUI, an extensible plugin system, and APIs in both C++ and Python for rapid prototyping and automation. In addition, HAL ships with plugins f...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/16 12:0 a.m.•5 views

LegionITS: A Federated Intrusion-Tolerant System Architecture

The growing sophistication, frequency, and diversity of cyberattacks increasingly exceed the capacity of individual entities to fully understand and counter them. While existing solutions, such as Security Information and Event Management SIEM systems, Security Orchestration, Automation, and...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/16 12:0 a.m.•8 views

UIXPOSE: Mobile Malware Detection Via Intention-Behaviour Discrepancy Analysis

We introduce UIXPOSE, a source-code-agnostic framework that operates on both compiled and open-source apps. This framework applies Intention Behaviour Alignment IBA to mobile malware analysis, aligning UI-inferred intent with runtime semantics. Previous work either infers intent statically, e.g.,...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/16 12:0 a.m.•6 views

Hybrid Ensemble Method for Detecting Cyber-Attacks in Water Distribution Systems Using the BATADAL Dataset

The cybersecurity of Industrial Control Systems that manage critical infrastructure such as Water Distribution Systems has become increasingly important as digital connectivity expands. BATADAL benchmark data is a good source of testing intrusion detection techniques, but it presents several...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/16 12:0 a.m.•5 views

SeBERTis: A Framework for Producing Classifiers of Security-Related Issue Reports

Monitoring issue tracker submissions is a crucial software maintenance activity. A key goal is the prioritization of high risk, security-related bugs. If such bugs can be recognized early, the risk of propagation to dependent products and endangerment of stakeholder benefits can be mitigated. To...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/16 12:0 a.m.•11 views

Data Protection and Corporate Reputation Management in the Digital Era

This paper analyzes the relationship between cybersecurity management, data protection, and corporate reputation in the context of digital transformation. The study examines how organizations implement strategies and tools to mitigate cyber risks, comply with regulatory requirements, and maintain...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/16 12:0 a.m.•5 views

Cybercrime and Computer Forensics in Epoch of Artificial Intelligence in India

The integration of generative Artificial Intelligence into the digital ecosystem necessitates a critical re-evaluation of Indian criminal jurisprudence regarding computational forensics integrity. While algorithmic efficiency enhances evidence extraction, a research gap exists regarding the Digit...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/16 12:0 a.m.•65 views

PentestEval: Benchmarking LLM-Based Penetration Testing with Modular and Stage-Level Design

Penetration testing is essential for assessing and strengthening system security against real-world threats, yet traditional workflows remain highly manual, expertise-intensive, and difficult to scale. Although recent advances in Large Language Models LLMs offer promising opportunities for...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/16 12:0 a.m.•22 views

Cloud Security Leveraging AI: A Fusion-Based AISOC for Malware and Log Behaviour Detection

Cloud Security Operations Center SOC enable cloud governance, risk and compliance by providing insights visibility and control. Cloud SOC triages high-volume, heterogeneous telemetry from elastic, short-lived resources while staying within tight budgets. In this research, we implement an...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/16 12:0 a.m.•20 views

AIAuditTrack: A Framework for AI Security System

The rapid expansion of AI-driven applications powered by large language models has led to a surge in AI interaction data, raising urgent challenges in security, accountability, and risk traceability. This paper presents AiAuditTrack AAT, a blockchain-based framework for AI usage traffic recording...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/12/16 12:0 a.m.•29 views

APT-ClaritySet: A Large-Scale, High-Fidelity Labeled Dataset for APT Malware with Alias Normalization and Graph-Based Deduplication

Large-scale, standardized datasets for Advanced Persistent Threat APT research are scarce, and inconsistent actor aliases and redundant samples hinder reproducibility. This paper presents APT-ClaritySet and its construction pipeline that normalizes threat actor aliases reconciling approximately...

6.8AI score
Exploits0
Total number of security vulnerabilities6825