Lucene search
K
PacketstormnewsRecent

6788 matches found

Packet Storm News
Packet Storm News
added 2026/06/23 12:0 a.m.3 views

HelpBench: Assessing the Ability of LLMs to Provide Privacy, Safety, and Security Advice

This paper introduces HelpBench, a benchmark for assessing whether LLMs are capable of providing accurate help in response to questions about digital privacy, safety, and security. We curated 450 questions representing authentic user situations and developed rubrics for each question to evaluate...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/23 12:0 a.m.3 views

Burnyard: Future of Malware Analysis

Malware analysis is a critical aspect of modern cybersecurity. The prevailing industry practice, sandboxing, involves executing suspicious binaries within isolated virtual machines in large-scale data centers. However, this approach can unintentionally expose samples to public platforms such as...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/23 12:0 a.m.3 views

Inside Crypter-As-A-Service: An Ecosystem Analysis of the Exploit.In Underground Forum Research Talks

Crypter-as-a-Service CraaS has become a key enabling layer of the contemporary malware economy by providing on-demand evasion capabilities through underground service markets. In this paper, we present a longitudinal characterization of the CraaS ecosystem on exploit.in, a major Russian-language...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/22 12:0 a.m.14 views

A Hybrid Intrusion Detection System for Electric Vehicle Charging Infrastructure

The integration of Electric Vehicle Charging Stations EVCSs into the smart grid necessitates sophisticated digital infrastructure for their management and coordination, which expands the attack surface and makes both the power grid and EVCSs vulnerable to cyberattacks. This research addresses...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/22 12:0 a.m.6 views

A Quantum Algorithm for One-Shot Signatures

We provide a pre-obfuscation circuit-level implementation of an efficient one shot signature scheme, which has known applications to delegated signatures, secured token transfer, and publicly verifiable randomness. The algorithm consists of two stages: a key generation stage where a classical...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/22 12:0 a.m.3 views

Faraday 5.22.0

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/22 12:0 a.m.3 views

CVE MCP Server 0.2.0

CVE MCP Server is a production-grade Model Context Protocol MCP server that turns Claude into a full-spectrum security analyst. Instead of juggling 15+ browser tabs across NVD, EPSS, CISA KEV, Shodan, VirusTotal, and GreyNoise, ask Claude one question and get correlated intelligence in seconds...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/22 12:0 a.m.4 views

Joern 4.0.562

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/22 12:0 a.m.15 views

Detecting Malicious Agent Skills in the Wild Using Attention

LLM agents increasingly load skills, file-based packages of natural-language instructions written by third parties and distributed through marketplaces, that execute with the user's privileges. A single malicious skill can exfiltrate data, hijack the agent, or persist as a supply-chain foothold,...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/22 12:0 a.m.11 views

What You See Is Not What You Execute: Memory-Based Runtime SBOM Generation for Supply Chain Security

Modern software development relies heavily on third-party components from public repositories, expanding the software supply chain attack surface. In response to these growing risks, federal initiatives have advanced the Software Bill of Materials SBOM as a standardized mechanism for improving...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/22 12:0 a.m.4 views

Deep-Research Agents Can Be Poisoned Via User-Generated Content

Deep-research agents, i.e., systems that rely on multi-agent pipelines to iteratively retrieve, synthesize, and cite Web content in order to produce structured reports, are rapidly replacing traditional search for both routine and complex information needs. These agents issue many related queries...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/22 12:0 a.m.3 views

AI Toolchain Hijacked: IDE Plugin API Key Theft

Whitepaper called AI Toolchain Hijacked: IDE Plugin API Key Theft. The proliferation of AI-assisted development tools has substantially changed how developers configure and manage credentials in their working environment. Where a developer's IDE once contained little more than syntax highlighting...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/22 12:0 a.m.10 views

CITADEL: CSI-Based Jamming Detection and Open-Set Classification for IIoT Networks

Radio frequency jamming poses a critical threat to the availability of wireless Industrial Internet of Things IIoT networks. Existing detection and classification techniques are poorly suited to this setting: coarse signal-strength and cross-layer features lack information richness, while raw I/Q...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/22 12:0 a.m.3 views

WPProbe Plugin Enumeration Tool 0.12.1

A fast WordPress plugin and theme scanner that detects installed plugins via REST API enumeration and themes from HTML discovery, then maps them to known vulnerabilities. Over 5,000 plugins detectable without brute-force, thousands more with it...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/22 12:0 a.m.5 views

Apple Security Advisory 06-16-2026-1

Apple Security Advisory 06-16-2026-1 - Beats Firmware Update 1B211 addresses an eavesdropping vulnerability...

8.8CVSS5.8AI score0.04372EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/22 12:0 a.m.16 views

Understanding the Stealthy BGP Hijacking Risk in the ROV Era

The partial deployment of Route Origin Validation ROV poses an unexpected security threat known as stealthy BGP hijacking, i.e., a particularly elusive form of BGP hijacking where malicious routes divert traffic without reaching and thus alerting the victims. This risk remains largely unexplored,...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/22 12:0 a.m.3 views

RIFT-Bench: Dynamic Red-Teaming for Agentic AI Systems

Agentic AI systems powered by large language models LLMs are rapidly evolving into autonomous decision-making systems, exposing attack vectors beyond those of traditional LLM vulnerabilities. Existing security evaluations are often tied to specific implementations or domains, limiting unified...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/22 12:0 a.m.20 views

Understanding the (In)Security of Vibe-Coded Applications

Recent advances in large language models LLMs have enabled vibe coding, an emerging software development paradigm in which users create applications primarily through natural-language interactions with AI agents. Due to its low barrier to entry, vibe coding is rapidly gaining adoption in practice...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/22 12:0 a.m.4 views

AutoPRAC: Automating Attack Discovery for PRAC-Based Rowhammer Defenses Using Model Checkers

Per-Row Activation Counting PRAC in DDR5 is a specification to mitigate Rowhammer attacks by tracking activations per row and triggering mitigative refreshes when needed. However, the security of PRAC designs is currently evaluated using human-crafted attack patterns and we lack formal verificati...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/22 12:0 a.m.3 views

PixJail: Self-Evolving Paper-To-Pipeline Reproduction for Text-To-Image Jailbreak Evaluation

As Text-to-Image T2I jailbreak techniques evolve rapidly, existing benchmarks and reproduction workflows often struggle to keep pace. More importantly, T2I jailbreak evaluation is not a single prompt-level test, but a pipeline-level problem shaped by multiple stages, including prompt...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/22 12:0 a.m.5 views

Maestro 0.17.1

Maestro is a cross-platform desktop app for orchestrating your fleet of AI agents and projects. It's a high-velocity solution for hackers who are juggling multiple projects in parallel. Designed for power users who live on the keyboard and rarely touch the mouse. Collaborate with AI to create...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/22 12:0 a.m.6 views

Rising from the Ashes: How Agentic AI Is Unblocking Challenges in Cybersecurity

Security remains a high-cost challenge, with many problems historically deemed inefficient to address or effectively unsolvable. A significant number of these problems stem from labor-intensive tasks that create bottlenecks in defensive approaches. Agentic AI has the potential to alleviate these...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/21 12:0 a.m.10 views

Towards Robust Personalized Federated Learning: Vulnerability Assessment and Defense Co-Design

The proliferation of IoT devices has fueled distributed edge systems to collect vast amounts of sensitive data, creating fertile ground for on-device machine learning applications. While federated learning FL mitigates privacy concerns by exchanging model parameters instead of raw data, we identi...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/21 12:0 a.m.12 views

From CVE to CWE: Syscall-Based HIDS Generalisation

Host intrusion detection systems HIDS based on system-call traces are typically trained and evaluated against individual Common Vulnerabilities and Exposures CVE instances. In operational settings, however, defenders need to recognise new exploits of an already known type of weakness. We...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/21 12:0 a.m.18 views

RAVEN: Agentic RAG for Automated Vulnerability Repair

Automated vulnerability repair has emerged as a promising direction to mitigate the growing number of software vulnerabilities. Recent advances in Large Language Models LLMs have further accelerated research in automated repair. However, existing frameworks remain largely restricted to...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/21 12:0 a.m.12 views

One-Prompt Censorship Evasion Via Generative Diffusion Models

The escalating arms race between Internet censorship and evasion has driven censors to evolve from static rule-based filtering to sophisticated deep learning-based traffic analysis. While recent automated evasion tools have attempted to counter this by leveraging stochastic search and programmabl...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/20 12:0 a.m.10 views

TRACE: A Threat Modelling Methodology for Distributed, Cloud-First, and Decentralized Organisations

Established threat modelling methodologies STRIDE, PASTA, Trike, OCTAVE, LINDDUN, attack trees, and adversary-behaviour catalogues such as MITRE ATT&CK were designed for software products and enterprises with a discernible security perimeter, a single owning organisation, and a clean separation...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/20 12:0 a.m.5 views

DejaVu: Why You Should Write to Your DRAM Rows Twice, Carefully

We provide the first experimental demonstration of DejaVu, a phenomenon where the data previously written to DRAM cells affects DRAM's vulnerability to read disturbance. Our experimental characterization using 112 COTS DDR4 DRAM chips from all three major manufacturers shows that, compared to the...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/20 12:0 a.m.24 views

AgentRiskBOM: A Risk-Scoping Security Bill of Materials for Agentic AI Systems

Agentic AI systems retrieve private context, invoke tools, write files, call external services, coordinate with other agents, and may act without human approval. Existing bill of materials artifacts improve transparency for dependencies, model metadata, and training provenance, but leave an agent...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/20 12:0 a.m.17 views

Investigating the Security of Modern AI and Cloud Infrastructure

The widespread deployment of Deep Neural Networks and Large Language Models LLMs relies on a foundational assumption of isolation that this dissertation challenges. This work systematically deconstructs security assumptions around AI and modern cloud infrastructure through a taxonomy of interacti...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/20 12:0 a.m.50 views

Revelio: Cost-Efficient Agentic Memory Safety Vulnerability Detection for Repository-Scale Codebases

Memory safety vulnerabilities remain a significant threat even for projects with extensive fuzzing and manual auditing. Recent results suggest that large language models hold great promise for detecting such vulnerabilities, but they are unreliable, at risk of hallucination, and challenging to...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/19 12:0 a.m.8 views

TOTOLink N300RH Endpoint Scanner

This Metasploit auxiliary module is a safe scanner designed to detect TOTOLINK N300RH devices by identifying web interface fingerprints. It checks for indicators like TOTOLINK or N300RH in HTTP responses and verifies whether the setWiFiBasicConfig CGI endpoint is accessible...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/19 12:0 a.m.9 views

VS Code Extension Security Scanner

A local security auditing tool that scans installed VS Code, VS Code Insiders, VS Code Server, VS Code OSS, and Cursor extensions for potentially suspicious behaviors. The script enumerates extension directories, parses extension metadata, and flags extensions that automatically execute on startu...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/19 12:0 a.m.48 views

A Longitudinal Study of Android Apps Signing Key Protection

Android app signing relies on developer-managed credentials, making secure key protection essential for the integrity of the software supply chain. A recent platform key leakage incident involving two major OEM manufacturers demonstrates that even robustly designed signing mechanisms can be...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/19 12:0 a.m.11 views

YAMCS Authentication Endpoint Enumeration Script

A low-risk security assessment utility that identifies a YAMCS instance, queries version information, tests the OAuth authentication endpoint with invalid credentials, and observes how the server handles special characters in usernames. The script performs basic reconnaissance and input-validatio...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/19 12:0 a.m.24 views

A Hybrid, Multi-Layered Pipeline for Phishing and Threat Classification: Independently Validated URL and NLP Engines with a Calibrated Multi-Channel Fusion Stage

Phishing is a multi-modal threat. We present a hybrid pipeline that scores each modality with its own engine and fuses the results. Three engines are built, deployed, and independently benchmarked: a four-stage URL stack Domain Guard, lexical model, threat intelligence, and an asymmetric L2 fusio...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/19 12:0 a.m.5 views

CNnotator: LLM-Guided Memory Safety Annotation Synthesis

Memory safety errors account for a large proportion of security bugs in systems written in C; modern languages such as Java and Rust prevent such bugs because they are memory-safe by design. To migrate systems to safer languages or identify memory errors, we must first determine how legacy code...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/19 12:0 a.m.17 views

From Production SIEM to Reusable Cybersecurity Artifacts

Operational evidence is not automatically scientific evidence. The most realistic Security Operations Center SOC data is production telemetry, yet it remains scientifically inaccessible because raw logs cannot be released; as a result, research relies on synthetic or dated datasets. We treat the...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/19 12:0 a.m.10 views

HOWLR: A Client-Driven Approach to BGP Hijack Detection

BGP hijacking enables impersonation attacks in which adversaries divert traffic at the prefix level and serve malicious content to unsuspecting clients. Detecting such attacks has traditionally been the responsibility of network operators, leaving end hosts exposed for hours. We argue that end...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/19 12:0 a.m.10 views

Evaluating LLMs for Real-World Web Vulnerability Detection

Large Language Models LLMs have emerged as a promising tool for automated vulnerability detection, yet their effectiveness on web-specific vulnerabilities remains to be explored. This work benchmarks six frontier Claude Opus 4.6, Codex GPT-5.4, Gemini 3.1-pro-preview and open-weight models Qwen...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/19 12:0 a.m.5 views

ARENA: An Architecture for Measuring the Transferability of Autonomous Cyber Defense

Operational evidence is not automatically scientific evidence. The most realistic Security Operations Center SOC data is production telemetry, yet it remains scientifically inaccessible because raw logs cannot be released; as a result, research relies on synthetic or dated datasets. We treat the...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/19 12:0 a.m.9 views

VS Code Extension Persistence Installer

This Python3 script acts as a persistence mechanism that creates and installs a custom VS Code extension designed to execute a specified operating system command whenever VS Code starts. The script generates a new extension, configures it to activate automatically, registers it with VS Code, and...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/19 12:0 a.m.14 views

Veno File Manager 4.4.9 Logs Export Checker

This is a Metasploit auxiliary module used for security testing of Veno File Manager that checks whether the log export endpoint is accessible without authentication...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/19 12:0 a.m.11 views

Joplin Plugin Persistence

This Metasploit module installs a malicious Joplin plugin .jpl into the targets Joplin plugin directory. The plugin executes the payload each time Joplin is launched, providing persistent code execution. Joplin can not be running at the time of plugin installation, or it will be overwritten at...

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/19 12:0 a.m.18 views

TLS Certificate Reuse Analyzer

Python-based TLS auditing utility that connects to multiple remote hosts, retrieves their presented TLS certificates, fingerprints each certificate, and compares those fingerprints to identify certificate reuse across systems. It also records basic TLS metadata such as protocol version, cipher...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/19 12:0 a.m.9 views

TLS Monitoring – Certificate Baseline Tracking and Risk Scoring System

This is a Python-based TLS monitoring framework that performs certificate collection, baseline tracking, and configuration assessment for remote services. The tool records certificate fingerprints, TLS versions, cipher suites, key sizes, and validity periods, stores historical baselines in SQLite...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/19 12:0 a.m.13 views

Veno File Manager 4.4.9 Access Control Scanner

This script performs basic checks against Veno File Manager to see if sensitive endpoints are exposed...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/18 12:0 a.m.15 views

Artificial Intelligence As Game Changer in Cybersecurity: What We Learned in 2025-2026, and How This Is Relevant for Africa

In 2025 and 2026, two events settled questions that had until then been speculative. In the first, a large language model executed the great majority of a state-aligned cyber-espionage campaign on its own, with human operators intervening at only a few decision points. In the second, the most...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/18 12:0 a.m.8 views

Unquoted Service Path Detection and Remediation Tool for Windows

This PowerShell script is a comprehensive security auditing tool designed to detect and fix unquoted service path vulnerabilities in Windows services...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/18 12:0 a.m.62 views

LLM Agent Safety, Multi-Turn Red-Teaming, Jailbreak Benchmarks, Adversarial Robustness, Safety-Critical Systems

Large language model LLM agents are increasingly proposed as supervisory components for safety-critical systems, yet their robustness under sustained, adaptive adversarial pressure remains poorly characterized. We present NRT-Bench, a benchmark for multi-turn red-teaming of LLM agents acting as...

5.9AI score
Exploits0
Total number of security vulnerabilities6788