Lucene search
K
PacketstormnewsRecent

6825 matches found

Packet Storm News
Packet Storm News
•added 2025/11/05 12:0 a.m.•9 views

Smartphone User Fingerprinting on Wireless Traffic

Due to the openness of the wireless medium, smartphone users are susceptible to user privacy attacks, where user privacy information is inferred from encrypted Wi-Fi wireless traffic. Existing attacks are limited to recognizing mobile apps and their actions and cannot infer the smartphone user...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/05 12:0 a.m.•6 views

Security and Privacy Management of IoT Using Quantum Computing

The convergence of the Internet of Things IoT and quantum computing is redefining the security paradigm of interconnected digital systems. Classical cryptographic algorithms such as RSA, Elliptic Curve Cryptography ECC, and Advanced Encryption Standard AES have long provided the foundation for...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/04 12:0 a.m.•6 views

AutoAdv: Automated Adversarial Prompting for Multi-Turn Jailbreaking of Large Language Models

Large Language Models LLMs remain vulnerable to jailbreaking attacks where adversarial prompts elicit harmful outputs, yet most evaluations focus on single-turn interactions while real-world attacks unfold through adaptive multi-turn conversations. We present AutoAdv, a training-free framework fo...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/04 12:0 a.m.•6 views

Aether - Adaptive Exploit and Threat Hunting Engine for EVM-based Repositories

Aether is a Python-based framework for analyzing Solidity smart contracts, generating vulnerability findings, producing Foundry-based proof-of-concept PoC tests, and optionally validating those tests on mainnet forks. It combines static analysis, prompt-driven LLM analysis, and AI-ensemble...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/04 12:0 a.m.•19 views

1 PoCo: Agentic Proof-Of-Concept Exploit Generation for Smart Contracts

Smart contracts operate in a highly adversarial environment, where vulnerabilities can lead to substantial financial losses. Thus, smart contracts are subject to security audits. In auditing, proof-of-concept PoC exploits play a critical role by demonstrating to the stakeholders that the reported...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/04 12:0 a.m.•4 views

On the Dangers of Poisoned LLMs in Security Automation

This paper investigates some of the risks introduced by "LLM poisoning," the intentional or unintentional introduction of malicious or biased data during model training. We demonstrate how a seemingly improved LLM, fine-tuned on a limited dataset, can introduce significant bias, to the extent tha...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/04 12:0 a.m.•6 views

Jailbreaking in the Haystack

Recent advances in long-context language models LMs have enabled million-token inputs, expanding their capabilities across complex tasks like computer-use agents. Yet, the safety implications of these extended contexts remain unclear. To bridge this gap, we introduce NINJA short for...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/04 12:0 a.m.•9 views

Designing Proportionate Cybersecurity Frameworks for European Micro-Enterprises: Lessons from the Squad 2025 Case

Micro and small enterprises SMEs account for most European businesses yet remain highly vulnerable to cyber threats. This paper analyses the design logic of a recent European policy initiative -- the Squad 2025 Playbook on Cybersecurity Awareness for Micro-SMEs -- to extract general principles fo...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/04 12:0 a.m.•2 views

Trustworthy Quantum Machine Learning: A Roadmap for Reliability, Robustness, and Security in the NISQ Era

Quantum machine learning QML is a promising paradigm for tackling computational problems that challenge classical AI. Yet, the inherent probabilistic behavior of quantum mechanics, device noise in NISQ hardware, and hybrid quantum-classical execution pipelines introduce new risks that prevent...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/04 12:0 a.m.•5 views

Enhancing NTRUEncrypt Security Using Markov Chain Monte Carlo Methods: Theory and Practice

This paper presents a novel framework for enhancing the quantum resistance of NTRUEncrypt using Markov Chain Monte Carlo MCMC methods. We establish formal bounds on sampling efficiency and provide security reductions to lattice problems, bridging theoretical guarantees with practical...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/03 12:0 a.m.•4 views

Detecting Vulnerabilities from Issue Reports for Internet-Of-Things

Timely identification of issue reports reflecting software vulnerabilities is crucial, particularly for Internet-of-Things IoT where analysis is slower than non-IoT systems. While Machine Learning ML and Large Language Models LLMs detect vulnerability-indicating issues in non-IoT systems, their I...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/03 12:0 a.m.•9 views

Scam Shield: Multi-Model Voting and Fine-Tuned LLMs against Adversarial Attacks

Scam detection remains a critical challenge in cybersecurity as adversaries craft messages that evade automated filters. We propose a Hierarchical Scam Detection System HSDS that combines a lightweight multi-model voting front end with a fine-tuned LLaMA 3.1 8B Instruct back end to improve accura...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/03 12:0 a.m.•10 views

Characterizing Build Compromises through Vulnerability Disclosure Analysis

The software build process transforms source code into deployable artifacts, representing a critical yet vulnerable stage in software development. Build infrastructure security poses unique challenges: the complexity of multi-component systems source code, dependencies, build tools, the difficult...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/03 12:0 a.m.•5 views

Machine and Deep Learning for Indoor UWB Jammer Localization

Ultra-wideband UWB localization delivers centimeter-scale accuracy but is vulnerable to jamming attacks, creating security risks for asset tracking and intrusion detection in smart buildings. Although machine learning ML and deep learning DL methods have improved tag localization, localizing...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/03 12:0 a.m.•9 views

Federated Cyber Defense: Privacy-Preserving Ransomware Detection across Distributed Systems

Detecting malware, especially ransomware, is essential to securing today's interconnected ecosystems, including cloud storage, enterprise file-sharing, and database services. Training high-performing artificial intelligence AI detectors requires diverse datasets, which are often distributed acros...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/02 12:0 a.m.•4 views

Towards Ultra-Low Latency: Binarized Neural Network Architectures for In-Vehicle Network Intrusion Detection

The Control Area Network CAN protocol is essential for in-vehicle communication, facilitating high-speed data exchange among Electronic Control Units ECUs. However, its inherent design lacks robust security features, rendering vehicles susceptible to cyberattacks. While recent research has...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/02 12:0 a.m.•5 views

A Large Scale Study of AI-Based Binary Function Similarity Detection Techniques for Security Researchers and Practitioners

Binary Function Similarity Detection BFSD is a foundational technique in software security, underpinning a wide range of applications including vulnerability detection, malware analysis. Recent advances in AI-based BFSD tools have led to significant performance improvements. However, existing...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/02 12:0 a.m.•6 views

Android Malware Detection: A Machine Learning Approach

This study examines machine learning techniques like Decision Trees, Support Vector Machines, Logistic Regression, Neural Networks, and ensemble methods to detect Android malware. The study evaluates these models on a dataset of Android applications and analyzes their accuracy, efficiency, and...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/02 12:0 a.m.•6 views

AthenaBench: A Dynamic Benchmark for Evaluating LLMs in Cyber Threat Intelligence

Large Language Models LLMs have demonstrated strong capabilities in natural language reasoning, yet their application to Cyber Threat Intelligence CTI remains limited. CTI analysis involves distilling large volumes of unstructured reports into actionable knowledge, a process where LLMs could...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/01 12:0 a.m.•4 views

An Efficient Anomaly Detection Framework for Wireless Sensor Networks Using Markov Process

Wireless Sensor Networks forms the backbone of modern cyber physical systems used in various applications such as environmental monitoring, healthcare monitoring, industrial automation, and smart infrastructure. Ensuring the reliability of data collected through these networks is essential as the...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/01 12:0 a.m.•4 views

Meta-Learning Based Radio Frequency Fingerprinting for GNSS Spoofing Detection

The rapid development of technology has led to an increase in the number of devices that rely on position, velocity, and time PVT information to perform their functions. As such, the Global Navigation Satellite Systems GNSS have been adopted as one of the most promising solutions to provide PVT...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/11/01 12:0 a.m.•7 views

Penetrating the Hostile: Detecting DeFi Protocol Exploits through Cross-Contract Analysis

Decentralized finance DeFi protocols are crypto projects developed on the blockchain to manage digital assets. Attacks on DeFi have been frequent and have resulted in losses exceeding $80 billion. Current tools detect and locate possible vulnerabilities in contracts by analyzing the state changes...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/31 12:0 a.m.•8 views

Mind the Gap: Missing Cyber Threat Coverage in NIDS Datasets for the Energy Sector

Network Intrusion Detection Systems NIDS developed using publicly available datasets predominantly focus on enterprise environments, raising concerns about their effectiveness for converged Information Technology IT and Operational Technology OT in energy infrastructures. This study evaluates the...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/31 12:0 a.m.•8 views

Sustaining Cyber Awareness: The Long-Term Impact of Continuous Phishing Training and Emotional Triggers

Phishing constitutes more than 90% of successful cyberattacks globally, remaining one of the most persistent threats to organizational security. Despite organizations tripling their cybersecurity budgets between 2015 and 2025, the human factor continues to pose a critical vulnerability. This stud...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/31 12:0 a.m.•5 views

Exploiting Latent Space Discontinuities for Building Universal LLM Jailbreaks and Data Extraction Attacks

The rapid proliferation of Large Language Models LLMs has raised significant concerns about their security against adversarial attacks. In this work, we propose a novel approach to crafting universal jailbreaks and data extraction attacks by exploiting latent space discontinuities, an architectur...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/31 12:0 a.m.•2 views

Security Audit of Intel ICE Driver for E810 Network Interface Card

The security of enterprise-grade networking hardware and software is critical to ensuring the integrity, availability, and confidentiality of data in modern cloud and data center environments. Network interface controllers NICs play a pivotal role in high-performance computing and virtualization,...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/31 12:0 a.m.•6 views

Coordinated Position Falsification Attacks and Countermeasures for Location-Based Services

With the rise of location-based service LBS applications that rely on terrestrial and satellite infrastructures e.g., GNSS and crowd-sourced Wi-Fi, Bluetooth, cellular, and IP databases for positioning, ensuring their integrity and security is paramount. However, we demonstrate that these...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/31 12:0 a.m.•6 views

MalDataGen: A Modular Framework for Synthetic Tabular Data Generation in Malware Detection

High-quality data scarcity hinders malware detection, limiting ML performance. We introduce MalDataGen, an open-source modular framework for generating high-fidelity synthetic tabular data using modular deep learning models e.g., WGAN-GP, VQ-VAE. Evaluated via dual validation TR-TS/TS-TR, seven...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/31 12:0 a.m.•7 views

On Selecting Few-Shot Examples for LLM-Based Code Vulnerability Detection

Large language models LLMs have demonstrated impressive capabilities for many coding tasks, including summarization, translation, completion, and code generation. However, detecting code vulnerabilities remains a challenging task for LLMs. An effective way to improve LLM performance is in-context...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/31 12:0 a.m.•5 views

MH-1M: A 1.34 Million-Sample Comprehensive Multi-Feature Android Malware Dataset for Machine Learning, Deep Learning, Large Language Models, and Threat Intelligence Research

We present MH-1M, one of the most comprehensive and up-to-date datasets for advanced Android malware research. The dataset comprises 1,340,515 applications, encompassing a wide range of features and extensive metadata. To ensure accurate malware classification, we employ the VirusTotal API,...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/31 12:0 a.m.•6 views

Windows Persistent Task Scheduler

This Metasploit module establishes persistence by creating a scheduled task to run a payload...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/31 12:0 a.m.•4 views

Prevalence of Security and Privacy Risk-Inducing Usage of AI-Based Conversational Agents

Recent improvement gains in large language models LLMs have lead to everyday usage of AI-based Conversational Agents CAs. At the same time, LLMs are vulnerable to an array of threats, including jailbreaks and, for example, causing remote code execution when fed specific inputs. As a result, users...

7.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/31 12:0 a.m.•8 views

Service Upstart Persistence

This Metasploit module will create a service on the box, and mark it for auto-restart. You need enough access to write service files and potentially restart services...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/30 12:0 a.m.•6 views

LLM-Based Multi-Class Attack Analysis and Mitigation Framework in IoT/IIoT Networks

The Internet of Things has expanded rapidly, transforming communication and operations across industries but also increasing the attack surface and security breaches. Artificial Intelligence plays a key role in securing IoT, enabling attack detection, attack behavior analysis, and mitigation...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/30 12:0 a.m.•4 views

A Survey of Heterogeneous Graph Neural Networks for Cybersecurity Anomaly Detection

Anomaly detection is a critical task in cybersecurity, where identifying insider threats, access violations, and coordinated attacks is essential for ensuring system resilience. Graph-based approaches have become increasingly important for modeling entity interactions, yet most rely on homogeneou...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/30 12:0 a.m.•9 views

CyberNER: A Harmonized STIX Corpus for Cybersecurity Named Entity Recognition

Extracting structured intelligence via Named Entity Recognition NER is critical for cybersecurity, but the proliferation of datasets with incompatible annotation schemas hinders the development of comprehensive models. While combining these resources is desirable, we empirically demonstrate that...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/30 12:0 a.m.•4 views

A Comparative Study of Hybrid Post-Quantum Cryptographic X.509 Certificate Schemes

As quantum computing hardware continues to advance, the integration of such technology with quantum algorithms is anticipated to enable the decryption of ciphertexts produced by RSA and Elliptic Curve Cryptography ECC within polynomial time. In response to this emerging threat, the U.S. National...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/30 12:0 a.m.•11 views

Adapting Large Language Models to Emerging Cybersecurity Using Retrieval Augmented Generation

Security applications are increasingly relying on large language models LLMs for cyber threat detection; however, their opaque reasoning often limits trust, particularly in decisions that require domain-specific cybersecurity knowledge. Because security threats evolve rapidly, LLMs must not only...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/30 12:0 a.m.•40 views

Unvalidated Trust: Cross-Stage Vulnerabilities in Large Language Model Architectures

As Large Language Models LLMs are increasingly integrated into automated, multi-stage pipelines, risk patterns that arise from unvalidated trust between processing stages become a practical concern. This paper presents a mechanism-centered taxonomy of 41 recurring risk patterns in commercial LLMs...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/30 12:0 a.m.•7 views

A DRL-Empowered Multi-Level Jamming Approach for Secure Semantic Communication

Semantic communication SemCom aims to transmit only task-relevant information, thereby improving communication efficiency but also exposing semantic information to potential eavesdropping. In this paper, we propose a deep reinforcement learning DRL-empowered multi-level jamming approach to enhanc...

6.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/30 12:0 a.m.•6 views

A Comprehensive Evaluation and Practice of System Penetration Testing

With the rapid advancement of information technology, the complexity of applications continues to increase, and the cybersecurity challenges we face are also escalating. This paper aims to investigate the methods and practices of system security penetration testing, exploring how to enhance syste...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/30 12:0 a.m.•50 views

TEE.fail: Breaking Trusted Execution Environments via DDR5 Memory Bus Interposition

In this paper, the researchers show that the security guarantees of modern TEE offerings by Intel and AMD can be broken cheaply and easily, by building a memory interposition device that allows attackers to physically inspect all memory traffic inside a DDR5 server...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/30 12:0 a.m.•4 views

Twin-Field Quantum Key Distribution: Protocols, Security, and Open Problems

Twin-Field Quantum Key Distribution TF-QKD has emerged as a potential protocol for long distance secure communication, overcoming the rate-distance limitations of conventional quantum key distribution without requiring trusted repeaters. By having two parties transmit phase encoded weak coherent...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/29 12:0 a.m.•10 views

AAGATE: A NIST AI RMF-Aligned Governance Platform for Agentic AI

This paper introduces the Agentic AI Governance Assurance & Trust Engine AAGATE, a Kubernetes-native control plane designed to address the unique security and governance challenges posed by autonomous, language-model-driven agents in production. Recognizing the limitations of traditional...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/29 12:0 a.m.•8 views

Identity Management for Agentic AI: The New Frontier of Authorization, Authentication, and Security for an AI Agent World

The rapid rise of AI agents presents urgent challenges in authentication, authorization, and identity management. Current agent-centric protocols like MCP highlight the demand for clarified best practices in authentication and authorization. Looking ahead, ambitions for highly autonomous agents...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/29 12:0 a.m.•5 views

tc Tor Chat Client 1.3

tc is a low-tech free solution to make yourself anonymously reachable for chat by anyone who only know your onion address and your public key. Messages are PGP encrypted end-to-end and forwarded by Tor's relays...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/29 12:0 a.m.•6 views

An In-Depth Analysis of Cyber Attacks in Secured Platforms

There is an increase in global malware threats. To address this, an encryption-type ransomware has been introduced on the Android operating system. The challenges associated with malicious threats in phone use have become a pressing issue in mobile communication, disrupting user experiences and...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/29 12:0 a.m.•8 views

Packet Fence 15.0.0

PacketFence is a network access control NAC system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/29 12:0 a.m.•4 views

Windows Persistent Startup Folder

This Metasploit module establishes persistence by creating a payload in the user or system startup folder. Works on Vista and newer systems...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/10/29 12:0 a.m.•4 views

Model Inversion Attacks Meet Cryptographic Fuzzy Extractors

Model inversion attacks pose an open challenge to privacy-sensitive applications that use machine learning ML models. For example, face authentication systems use modern ML models to compute embedding vectors from face images of the enrolled users and store them. If leaked, inversion attacks can...

6.8AI score
Exploits0
Total number of security vulnerabilities6825