Lucene search
K
PacketstormnewsRecent

6825 matches found

Packet Storm News
Packet Storm News
•added 2025/11/24 12:0 a.m.•5 views

DUALGUAGE: Automated Joint Security-Functionality Benchmarking for Secure Code Generation

Large language models LLMs and autonomous coding agents are increasingly used to generate software across a wide range of domains. Yet a core requirement remains unmet: ensuring that generated code is secure without compromising its functional correctness. Existing benchmarks and evaluations for...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/24 12:0 a.m.•8 views

Cross-LLM Generalization of Behavioral Backdoor Detection in AI Agent Supply Chains

As AI agents become integral to enterprise workflows, their reliance on shared tool libraries and pre-trained components creates significant supply chain vulnerabilities. While previous work has demonstrated behavioral backdoor detection within individual LLM architectures, the critical question ...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/24 12:0 a.m.•22 views

IRSDA: An Agent-Orchestrated Framework for Enterprise Intrusion Response

Modern enterprise systems face escalating cyber threats that are increasingly dynamic, distributed, and multi-stage in nature. Traditional intrusion detection and response systems often rely on static rules and manual workflows, which limit their ability to respond with the speed and precision...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/24 12:0 a.m.•10 views

FedPoisonTTP: A Threat Model and Poisoning Attack for Federated Test-Time Personalization

Test-time personalization in federated learning enables models at clients to adjust online to local domain shifts, enhancing robustness and personalization in deployment. Yet, existing federated learning work largely overlooks the security risks that arise when local adaptation occurs at test tim...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/24 12:0 a.m.•5 views

Evolution of Cybersecurity Subdisciplines: A Science of Science Study

The science of science is an emerging field that studies the practice of science itself. We present the first study of the cybersecurity discipline from a science of science perspective. We examine the evolution of two comparable interdisciplinary communities in cybersecurity: the Symposium on...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/23 12:0 a.m.•14 views

From Reviewers' Lens: Understanding Bug Bounty Report Invalid Reasons with LLMs

Bug bounty platforms e.g., HackerOne, BugCrowd leverage crowd-sourced vulnerability discovery to improve continuous coverage, reduce the cost of discovery, and serve as an integral complement to internal red teams. With the rise of AI-generated bug reports, little work exists to help bug hunters...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/23 12:0 a.m.•5 views

Evaluation of Real-Time Mitigation Techniques for Cyber Security in IEC 61850 / IEC 62351 Substations

The digitalization of substations enlarges the cyber-attack surface, necessitating effective detection and mitigation of cyber attacks in digital substations. While machine learning-based intrusion detection has been widely explored, such methods have not demonstrated detection and mitigation...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/23 12:0 a.m.•7 views

Zero-Trust Strategies for O-RAN Cellular Networks: Principles, Challenges and Research Directions

Cellular networks have become foundational to modern communication, supporting a broad range of applications, from civilian use to enterprise systems and military tactical networks. The advent of fifth-generation and beyond cellular networks B5G introduces emerging compute capabilities into the...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/23 12:0 a.m.•11 views

TASO: Jailbreak LLMs Via Alternative Template and Suffix Optimization

Many recent studies showed that LLMs are vulnerable to jailbreak attacks, where an attacker can perturb the input of an LLM to induce it to generate an output for a harmful question. In general, existing jailbreak techniques either optimize a semantic template intended to induce the LLM to produc...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/23 12:0 a.m.•31 views

LLMs As Firmware Experts: A Runtime-Grown Tree-Of-Agents Framework

Large Language Models LLMs and their agent systems have recently demonstrated strong potential in automating code reasoning and vulnerability detection. However, when applied to large-scale firmware, their performance degrades due to the binary nature of firmware, complex dependency structures, a...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/22 12:0 a.m.•5 views

Building Browser Agents: Architecture, Security, and Practical Solutions

Browser agents enable autonomous web interaction but face critical reliability and security challenges in production. This paper presents findings from building and operating a production browser agent. The analysis examines where current approaches fail and what prevents safe autonomous operatio...

7.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/22 12:0 a.m.•7 views

EBPF-PATROL: Protective Agent for Threat Recognition and Overreach Limitation Using EBPF in Containerized and Virtualized Environments

With the increasing use and adoption of cloud and cloud-native computing, the underlying technologies i.e., containerization and virtualization have become foundational. However, strict isolation and maintaining runtime security in these environments has become increasingly challenging. Existing...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/22 12:0 a.m.•11 views

Federated Anomaly Detection and Mitigation for EV Charging Forecasting under Cyberattacks

Electric Vehicle EV charging infrastructure faces escalating cybersecurity threats that can severely compromise operational efficiency and grid stability. Existing forecasting techniques are limited by the lack of combined robust anomaly mitigation solutions and data privacy preservation...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/22 12:0 a.m.•4 views

A Novel and Practical Universal Adversarial Perturbations against Deep Reinforcement Learning Based Intrusion Detection Systems

Intrusion Detection Systems IDS play a vital role in defending modern cyber physical systems against increasingly sophisticated cyber threats. Deep Reinforcement Learning-based IDS, have shown promise due to their adaptive and generalization capabilities. However, recent studies reveal their...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/22 12:0 a.m.•9 views

Think Fast: Real-Time IoT Intrusion Reasoning Using IDS and LLMs at the Edge Gateway

As the number of connected IoT devices continues to grow, securing these systems against cyber threats remains a major challenge, especially in environments with limited computational and energy resources. This paper presents an edge-centric Intrusion Detection System IDS framework that integrate...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/21 12:0 a.m.•15 views

AutoGraphAD: A Novel Approach Using Variational Graph Autoencoders for Anomalous Network Flow Detection

Network Intrusion Detection Systems NIDS are essential tools for detecting network attacks and intrusions. While extensive research has explored the use of supervised Machine Learning for attack detection and characterisation, these methods require accurately labelled datasets, which are very...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/21 12:0 a.m.•3 views

Deepfake Geography: Detecting AI-Generated Satellite Images

The rapid advancement of generative models such as StyleGAN2 and Stable Diffusion poses a growing threat to the authenticity of satellite imagery, which is increasingly vital for reliable analysis and decision-making across scientific and security domains. While deepfake detection has been...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/21 12:0 a.m.•4 views

Lessons Lost: Incident Response in the Age of Cyber Insurance and Breach Attorneys

Incident Response IR allows victim firms to detect, contain, and recover from security incidents. It should also help the wider community avoid similar attacks in the future. In pursuit of these goals, technical practitioners are increasingly influenced by stakeholders like cyber insurers and...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/21 12:0 a.m.•3 views

Steering in the Shadows: Causal Amplification for Activation Space Attacks in Large Language Models

Modern large language models LLMs are typically secured by auditing data, prompts, and refusal policies, while treating the forward pass as an implementation detail. We show that intermediate activations in decoder-only LLMs form a vulnerable attack surface for behavioral control. Building on...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/21 12:0 a.m.•7 views

ReVul-CoT: Towards Effective Software Vulnerability Assessment with Retrieval-Augmented Generation and Chain-Of-Thought Prompting

Context: Software Vulnerability Assessment SVA plays a vital role in evaluating and ranking vulnerabilities in software systems to ensure their security and reliability. Objective: Although Large Language Models LLMs have recently shown remarkable potential in SVA, they still face two major...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/21 12:0 a.m.•7 views

The Star Product of Uniformly Random Codes

We consider the problem of determining the expected dimension of the star product of two uniformly random linear codes that are not necessarily of the same dimension. We achieve this by establishing a correspondence between the star product and the evaluation of bilinear forms, which we use to...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/21 12:0 a.m.•14 views

Beyond Jailbreak: Unveiling Risks in LLM Applications Arising from Blurred Capability Boundaries

LLM applications i.e., LLM apps leverage the powerful capabilities of LLMs to provide users with customized services, revolutionizing traditional application development. While the increasing prevalence of LLM-powered applications provides users with unprecedented convenience, it also brings fort...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/21 12:0 a.m.•7 views

ThreadFuzzer: Fuzzing Framework for Thread Protocol

With the rapid growth of IoT, secure and efficient mesh networking has become essential. Thread has emerged as a key protocol, widely used in smart-home and commercial systems, and serving as a core transport layer in the Matter standard. This paper presents ThreadFuzzer, the first dedicated...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/21 12:0 a.m.•7 views

StealthCup: Realistic, Multi-Stage, Evasion-Focused CTF for Benchmarking IDS

Intrusion Detection Systems IDS are critical to defending enterprise and industrial control environments, yet evaluating their effectiveness under realistic conditions remains an open challenge. Existing benchmarks rely on synthetic datasets e.g., NSL-KDD, CICIDS2017 or scripted replay frameworks...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/21 12:0 a.m.•7 views

The Dark Side of Flexibility: How Aggregated Cyberattacks Threaten the Power Grid

Flexible energy resources are increasingly becoming common in smart grids. These resources are typically managed and controlled by aggregators that coordinate many resources to provide flexibility services. However, these aggregators and flexible energy resources are vulnerable, which could allow...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/21 12:0 a.m.•33 views

AudioCodes Fax/IVR Appliance 2.6.23 Scanner

AudioCodes Fax/IVR Appliance version 2.6.23 vulnerability scanning tool that detects instances for identification purposes but does not actively exploit them...

9.3CVSS6.9AI score0.03188EPSS
Exploits9
Packet Storm News
Packet Storm News
•added 2025/11/20 12:0 a.m.•9 views

HackOnChat: Unmasking the WhatsApp Hacking Scam

CTM360 has discovered a large-scale malicious campaign targeting WhatsApp users worldwide. This scam is designed to hijack WhatsApp accounts through deceptive phishing schemes that exploit user trust in the WhatsApp brand. Threat actors behind this campaign create fraudulent websites that closely...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/20 12:0 a.m.•6 views

Password Strength Analysis through Social Network Data Exposure: A Combined Approach Relying on Data Reconstruction and Generative Models

Although passwords remain the primary defense against unauthorized access, users often tend to use passwords that are easy to remember. This behavior significantly increases security risks, also due to the fact that traditional password strength evaluation methods are often inadequate. In this...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/20 12:0 a.m.•11 views

A Comprehensive Study on Cyber Attack Vectors in EV Traction Power Electronics

Electric vehicles EVs have drastically changed the auto industry and developed a new era of technologies where power electronics play the leading role in traction management, energy conversion and vehicle control processes. Nevertheless, this is a digital transformation, and the cyber-attack...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/20 12:0 a.m.•17 views

CISA: Suspicious Unmanned Aircraft System Activity Guidance

Suspicious Unmanned Aircraft System Activity Guidance for Critical Infrastructure Owners and Operators is intended for critical infrastructure stakeholders who are concerned with unmanned aircraft system UAS activity near or around their facilities...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/20 12:0 a.m.•5 views

Multi-Domain Security for 6G ISAC: Challenges and Opportunities in Transportation

Integrated sensing and communication ISAC will be central to 6G-enabled transportation, providing both seamless connectivity and high-precision sensing. However, this tight integration exposes attack points not encountered in pure sensing and communication systems. In this article, we identify...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/20 12:0 a.m.•9 views

Wireshark Analyzer 4.6.1

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. Thi...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/20 12:0 a.m.•4 views

GNU Transport Layer Security Library 3.8.11

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS 12, OpenPGP, and other...

6.9AI score0.00203EPSS
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/20 12:0 a.m.•25 views

Autumn Dragon: China-Nexus APT Group Target South East Asia

This report details Autumn Dragon, a sustained, multi-month espionage campaign against the government, media, and news sectors in several countries including Laos, Cambodia, Singapore, the Philippines and Indonesia...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/20 12:0 a.m.•6 views

Future-Back Threat Modeling: A Foresight-Driven Security Framework

Traditional threat modeling remains reactive-focused on known TTPs and past incident data, while threat prediction and forecasting frameworks are often disconnected from operational or architectural artifacts. This creates a fundamental weakness: the most serious cyber threats often do not arise...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/20 12:0 a.m.•5 views

RampoNN: A Reachability-Guided System Falsification for Efficient Cyber-Kinetic Vulnerability Detection

Detecting kinetic vulnerabilities in Cyber-Physical Systems CPS, vulnerabilities in control code that can precipitate hazardous physical consequences, is a critical challenge. This task is complicated by the need to analyze the intricate coupling between complex software behavior and the system's...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/20 12:0 a.m.•4 views

CISA: Safe Handling Considerations for Downed Unmanned Aircraft Systems

Safe Handling Considerations for Downed Unmanned Aircraft Systems provides information on how to prepare for and respond to downed unmanned aircraft systems UAS that may pose a safety or security concern...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/20 12:0 a.m.•11 views

Multi-Faceted Attack: Exposing Cross-Model Vulnerabilities in Defense-Equipped Vision-Language Models

The growing misuse of Vision-Language Models VLMs has led providers to deploy multiple safeguards, including alignment tuning, system prompts, and content moderation. However, the real-world robustness of these defenses against adversarial attacks remains underexplored. We introduce Multi-Faceted...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/20 12:0 a.m.•4 views

Systematically Deconstructing APVD Steganography and Its Payload with a Unified Deep Learning Paradigm

In the era of digital communication, steganography allows covert embedding of data within media files. Adaptive Pixel Value Differencing APVD is a steganographic method valued for its high embedding capacity and invisibility, posing challenges for traditional steganalysis. This paper proposes a...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/20 12:0 a.m.•9 views

"To Survive, I Must Defect": Jailbreaking LLMs Via the Game-Theory Scenarios

As LLMs become more common, non-expert users can pose risks, prompting extensive research into jailbreak attacks. However, most existing black-box jailbreak attacks rely on hand-crafted heuristics or narrow search spaces, which limit scalability. Compared with prior attacks, we propose Game-Theor...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/19 12:0 a.m.•7 views

CISA: Bulletproof Defense: Mitigating Risks from Bulletproof Hosting Providers

CISA, in collaboration with the U.S. National Security Agency, U.S. Department of Defense Cyber Crime Center, U.S. Federal Bureau of Investigation, and international partners, have released the guide Bulletproof Defense: Mitigating Risks from Bulletproof Hosting Providers to help internet service...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/19 12:0 a.m.•12 views

Trustworthy GenAI over 6G: Integrated Applications and Security Frameworks

The integration of generative artificial intelligence GenAI into 6G networks promises substantial performance gains while simultaneously exposing novel security vulnerabilities rooted in multimodal data processing and autonomous reasoning. This article presents a unified perspective on cross-doma...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/19 12:0 a.m.•5 views

Can MLLMs Detect Phishing? A Comprehensive Security Benchmark Suite Focusing on Dynamic Threats and Multimodal Evaluation in Academic Environments

The rapid proliferation of Multimodal Large Language Models MLLMs has introduced unprecedented security challenges, particularly in phishing detection within academic environments. Academic institutions and researchers are high-value targets, facing dynamic, multilingual, and context-dependent...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/19 12:0 a.m.•6 views

TopoReformer: Mitigating Adversarial Attacks Using Topological Purification in OCR Models

Adversarially perturbed images of text can cause sophisticated OCR systems to produce misleading or incorrect transcriptions from seemingly invisible changes to humans. Some of these perturbations even survive physical capture, posing security risks to high-stakes applications such as document...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/19 12:0 a.m.•32 views

Hiding in the AI Traffic: Abusing MCP for LLM-Powered Agentic Red Teaming

Generative AI is reshaping offensive cybersecurity by enabling autonomous red team agents that can plan, execute, and adapt during penetration tests. However, existing approaches face trade-offs between generality and specialization, and practical deployments reveal challenges such as...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/19 12:0 a.m.•13 views

Small Language Models for Phishing Website Detection: Cost, Performance, and Privacy Trade-Offs

Phishing websites pose a major cybersecurity threat, exploiting unsuspecting users and causing significant financial and organisational harm. Traditional machine learning approaches for phishing detection often require extensive feature engineering, continuous retraining, and costly infrastructur...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/19 12:0 a.m.•28 views

Securing AI Agents against Prompt Injection Attacks

Retrieval-augmented generation RAG systems have become widely used for enhancing large language model capabilities, but they introduce significant security vulnerabilities through prompt injection attacks. We present a comprehensive benchmark for evaluating prompt injection risks in RAG-enabled A...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/19 12:0 a.m.•6 views

Towards a Formal Verification of Secure Vehicle Software Updates

With the rise of software-defined vehicles SDVs, where software governs most vehicle functions alongside enhanced connectivity, the need for secure software updates has become increasingly critical. Software vulnerabilities can severely impact safety, the economy, and society. In response to this...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/18 12:0 a.m.•10 views

ForensicFlow: A Tri-Modal Adaptive Network for Robust Deepfake Detection

Deepfakes generated by advanced GANs and autoencoders severely threaten information integrity and societal stability. Single-stream CNNs fail to capture multi-scale forgery artifacts across spatial, texture, and frequency domains, limiting robustness and generalization. We introduce the...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/18 12:0 a.m.•5 views

HyMAD: A Hybrid Multi-Activity Detection Approach for Border Surveillance and Monitoring

Seismic sensing has emerged as a promising solution for border surveillance and monitoring; the seismic sensors that are often buried underground are small and cannot be noticed easily, making them difficult for intruders to detect, avoid, or vandalize. This significantly enhances their...

6.8AI score
Exploits0
Total number of security vulnerabilities6825