Lucene search
K
PacketstormnewsRecent

6825 matches found

Packet Storm News
Packet Storm News
added 2025/09/22 12:0 a.m.6 views

Quantum Public Key Encryption for NISQ Devices

Quantum public-key encryption PKE, where public-keys and/or ciphertexts can be quantum states, is an important primitive in quantum cryptography. Unlike classical PKE e.g., RSA or ECC, quantum PKE can leverage quantum-secure cryptographic assumptions or the principles of quantum mechanics for...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/22 12:0 a.m.6 views

Rain: Transiently Leaking Data from Public Clouds Using Old Vulnerabilities

Given their vital importance for governments and enterprises around the world, we need to trust public clouds to provide strong security guarantees even in the face of advanced attacks and hardware vulnerabilities. While transient execution vulnerabilities, such as Spectre, have been in the...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/22 12:0 a.m.11 views

A Comparative Analysis of Ensemble-Based Machine Learning Approaches with Explainable AI for Multi-Class Intrusion Detection in Drone Networks

The growing integration of drones into civilian, commercial, and defense sectors introduces significant cybersecurity concerns, particularly with the increased risk of network-based intrusions targeting drone communication protocols. Detecting and classifying these intrusions is inherently...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/22 12:0 a.m.5 views

Coherence-Driven Inference for Cybersecurity

Large language models LLMs can compile weighted graphs on natural language data to enable automatic coherence-driven inference CDI relevant to red and blue team operations in cybersecurity. This represents an early application of automatic CDI that holds near- to medium-term promise for...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/22 12:0 a.m.3 views

Examining I2P Resilience: Effect of Centrality-Based Attack

This study examines the robustness of I2P, a well-regarded anonymous and decentralized peer-to-peer network designed to ensure anonymity, confidentiality, and circumvention of censorship. Unlike its more widely researched counterpart, TOR, I2P's resilience has received less scholarly attention...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/22 12:0 a.m.6 views

AEAS: Actionable Exploit Assessment System

Security practitioners face growing challenges in exploit assessment, as public vulnerability repositories are increasingly populated with inconsistent and low-quality exploit artifacts. Existing scoring systems, such as CVSS and EPSS, offer limited support for this task. They either rely on...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/22 12:0 a.m.7 views

State-Of-The-Art in Software Security Visualization: a Systematic Review

Software security visualization is an interdisciplinary field that combines the technical complexity of cybersecurity, including threat intelligence and compliance monitoring, with visual analytics, transforming complex security data into easily digestible visual formats. As software systems get...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/21 12:0 a.m.20 views

LLaVul: a Multimodal LLM for Interpretable Vulnerability Reasoning about Source Code

Increasing complexity in software systems places a growing demand on reasoning tools that unlock vulnerabilities manifest in source code. Many current approaches focus on vulnerability analysis as a classifying task, oversimplifying the nuanced and context-dependent real-world scenarios. Even...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/21 12:0 a.m.5 views

Seeing Is Deceiving: Mirror-Based LiDAR Spoofing for Autonomous Vehicle Deception

Autonomous vehicles AVs rely heavily on LiDAR sensors for accurate 3D perception. We show a novel class of low-cost, passive LiDAR spoofing attacks that exploit mirror-like surfaces to inject or remove objects from an AV's perception. Using planar mirrors to redirect LiDAR beams, these attacks...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/21 12:0 a.m.4 views

Static Security Vulnerability Scanning of Proprietary and Open-Source Software: an Adaptable Process with Variants and Results

Software vulnerabilities remain a significant risk factor in achieving security objectives within software development organizations. This is especially true where either proprietary or open-source software OSS is included in the technological environment. In this paper an end-to-end process with...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/21 12:0 a.m.23 views

Temporal Logic-Based Multi-Vehicle Backdoor Attacks against Offline RL Agents in End-To-End Autonomous Driving

Assessing the safety of autonomous driving AD systems against security threats, particularly backdoor attacks, is a stepping stone for real-world deployment. However, existing works mainly focus on pixel-level triggers that are impractical to deploy in the real world. We address this gap by...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/21 12:0 a.m.6 views

FakeSound2: a Benchmark for Explainable and Generalizable Deepfake Sound Detection

The rapid development of generative audio raises ethical and security concerns stemming from forged data, making deepfake sound detection an important safeguard against the malicious use of such technologies. Although prior studies have explored this task, existing methods largely focus on binary...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/20 12:0 a.m.6 views

DecipherGuard: Understanding and Deciphering Jailbreak Prompts for a Safer Deployment of Intelligent Software Systems

Intelligent software systems powered by Large Language Models LLMs are increasingly deployed in critical sectors, raising concerns about their safety during runtime. Through an industry-academic collaboration when deploying an LLM-powered virtual customer assistant, a critical software engineerin...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/20 12:0 a.m.38 views

MoPE: a Mixture of Password Experts for Improving Password Guessing

Textual passwords remain a predominant authentication mechanism in web security. To evaluate their strength, existing research has proposed several data-driven models across various scenarios. However, these models generally treat passwords uniformly, neglecting the structural differences among...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/20 12:0 a.m.6 views

Incentives and Outcomes in Bug Bounties

Bug bounty programs have contributed significantly to security in technology firms in the last decade, but little is known about the role of reward incentives in producing useful outcomes. We analyze incentives and outcomes in Google's Vulnerability Rewards Program VRP, one of the world's largest...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/20 12:0 a.m.7 views

Security Vulnerabilities in Software Supply Chain for Autonomous Vehicles

The interest in autonomous vehicles AVs for critical missions, including transportation, rescue, surveillance, reconnaissance, and mapping, is growing rapidly due to their significant safety and mobility benefits. AVs consist of complex software systems that leverage artificial intelligence AI,...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/20 12:0 a.m.5 views

"Digital Camouflage": the LLVM Challenge in LLM-Based Malware Detection

Large Language Models LLMs have emerged as promising tools for malware detection by analyzing code semantics, identifying vulnerabilities, and adapting to evolving threats. However, their reliability under adversarial compiler-level obfuscation is yet to be discovered. In this study, we empirical...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/20 12:0 a.m.11 views

Self-Supervised Learning of Graph Representations for Network Intrusion Detection

Detecting intrusions in network traffic is a challenging task, particularly under limited supervision and constantly evolving attack patterns. While recent works have leveraged graph neural networks for network intrusion detection, they often decouple representation learning from anomaly detectio...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/20 12:0 a.m.4 views

Design and Development of an Intelligent LLM-Based LDAP Honeypot

Cybersecurity threats continue to increase, with a growing number of previously unknown attacks each year targeting both large corporations and smaller entities. This scenario demands the implementation of advanced security measures, not only to mitigate damage but also to anticipate emerging...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/20 12:0 a.m.7 views

Reproducing a Security Risk Assessment Using Computer Aided Design

Security risk assessment is essential in establishing the trustworthiness and reliability of modern systems. While various security risk assessment approaches exist, prevalent applications are "pen and paper" implementations that -- even if performed digitally using computers -- remain prone to...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/20 12:0 a.m.5 views

Evaluating LLM Generated Detection Rules in Cybersecurity

LLMs are increasingly pervasive in the security environment, with limited measures of their effectiveness, which limits trust and usefulness to security practitioners. Here, we present an open-source evaluation framework and benchmark metrics for evaluating LLM-generated cybersecurity rules. The...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/19 12:0 a.m.4 views

Quantum Keystroke Logging

Superdense coding has long been regarded as a secure quantum communication protocol. It is natural to assume that employing logical quantum states with error-correcting capability would not compromise this security. However, in the context of GKP-based quantum communication, we propose a...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/19 12:0 a.m.6 views

End-To-End Co-Simulation Testbed for Cybersecurity Research and Development in Intelligent Transportation Systems

Intelligent Transportation Systems ITS have been widely deployed across major metropolitan regions worldwide to improve roadway safety, optimize traffic flow, and reduce environmental impacts. These systems integrate advanced sensors, communication networks, and data analytics to enable real-time...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/19 12:0 a.m.4 views

Wazuh 4.13.0

Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/19 12:0 a.m.6 views

How Far Are We? an Empirical Analysis of Current Vulnerability Localization Approaches

Open-source software vulnerability patch detection is a critical component for maintaining software security and ensuring software supply chain integrity. Traditional manual detection methods face significant scalability challenges when processing large volumes of commit histories, while being...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/19 12:0 a.m.6 views

MalEval Android Malware Evaluation Framework

This repository contains the source code of MalEval, an evaluation framework for Android malware behavior auditing, focusing on explaining and substantiating malicious behaviors. The framework provides expert-verified reports, curated metadata, and model outputs to enable reproducible evaluation ...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/19 12:0 a.m.7 views

LenslessMic: Audio Encryption and Authentication Via Lensless Computational Imaging

With society's increasing reliance on digital data sharing, the protection of sensitive information has become critical. Encryption serves as one of the privacy-preserving methods; however, its realization in the audio domain predominantly relies on signal processing or software methods embedded...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/19 12:0 a.m.5 views

Inference Attacks on Encrypted Online Voting Via Traffic Analysis

Online voting enables individuals to participate in elections remotely, offering greater efficiency and accessibility in both governmental and organizational settings. As this method gains popularity, ensuring the security of online voting systems becomes increasingly vital, as the systems...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/19 12:0 a.m.4 views

Shai-Hulud npm Worm

Shai-Hulud is a self-replicating worm targeting the npm ecosystem. Once it compromises a developer machine or CI/CD runner, it harvests secrets and uses them to republish itself across multiple npm packages within hours. This advisory holds IoCs and further information...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/19 12:0 a.m.6 views

TestSSL 3.2.2

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in pure bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/19 12:0 a.m.8 views

Automated Cyber Defense with Generalizable Graph-Based Reinforcement Learning Agents

Deep reinforcement learning RL is emerging as a viable strategy for automated cyber defense ACD. The traditional RL approach represents networks as a list of computers in various states of safety or threat. Unfortunately, these models are forced to overfit to specific network topologies, renderin...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/19 12:0 a.m.6 views

A Systematic Survey of Empirical User Studies of Unintentional Information Disclosure in Everyday Digital Interaction

The exchange of personal information in digital environments poses significant risks, including identity theft, privacy breaches, and data misuse. Addressing these challenges requires a deep understanding of user behavior and mental models in diverse contexts. This paper presents a systematic...

6.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/19 12:0 a.m.5 views

ConCap: Practical Network Traffic Generation for Flow-Based Intrusion Detection Systems

Network Intrusion Detection Systems NIDS have been studied in research for almost four decades. Yet, despite thousands of papers claiming scientific advances, a non-negligible number of recent works suggest that the findings of prior literature may be questionable. At the root of such a...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/19 12:0 a.m.5 views

Flying Drones to Locate Cyber-Attackers in LoRaWAN Metropolitan Networks

Today, many critical services and industrial systems rely on wireless networks for interaction with the IoT, hence becoming vulnerable to a broad number of cyber-threats. While detecting this kind of attacks is not difficult with common cyber-security tools, and even trivial for jamming, finding...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/19 12:0 a.m.23 views

Future-Proofing Cloud Security against Quantum Attacks: Risk, Transition, and Mitigation Strategies

Quantum Computing QC introduces a transformative threat to digital security, with the potential to compromise widely deployed classical cryptographic systems. This survey offers a comprehensive and systematic examination of quantumsafe security for Cloud Computing CC, focusing on the...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/18 12:0 a.m.5 views

SecureFixAgent: a Hybrid LLM Agent for Automated Python Static Vulnerability Repair

Modern software development pipelines face growing challenges in securing large codebases with extensive dependencies. Static analysis tools like Bandit are effective at vulnerability detection but suffer from high false positives and lack repair capabilities. Large Language Models LLMs, in...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/18 12:0 a.m.8 views

Security Analysis of Web Applications Based on Gruyere

With the rapid development of Internet technologies, web systems have become essential infrastructures for modern information exchange and business operations. However, alongside their expansion, numerous security vulnerabilities have emerged, making web security a critical research focus within...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/18 12:0 a.m.5 views

TOR Virtual Network Tunneling Tool 0.4.8.18

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/18 12:0 a.m.8 views

Orion: Fuzzing Workflow Automation

Fuzz testing is one of the most effective techniques for finding software vulnerabilities. While modern fuzzers can generate inputs and monitor executions automatically, the overall workflow, from analyzing a codebase, to configuring harnesses, to triaging results, still requires substantial manu...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/18 12:0 a.m.6 views

Hybrid Deep Learning-Federated Learning Powered Intrusion Detection System for IoT/5G Advanced Edge Computing Network

The exponential expansion of IoT and 5G-Advanced applications has enlarged the attack surface for DDoS, malware, and zero-day intrusions. We propose an intrusion detection system that fuses a convolutional neural network CNN, a bidirectional LSTM BiLSTM, and an autoencoder AE bottleneck within a...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/18 12:0 a.m.6 views

Beyond Surface Alignment: Rebuilding LLMs Safety Mechanism Via Probabilistically Ablating Refusal Direction

Jailbreak attacks pose persistent threats to large language models LLMs. Current safety alignment methods have attempted to address these issues, but they experience two significant limitations: insufficient safety alignment depth and unrobust internal defense mechanisms. These limitations make...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/18 12:0 a.m.10 views

Evil Vizier: Vulnerabilities of LLM-Integrated XR Systems

Extended reality XR applications increasingly integrate Large Language Models LLMs to enhance user experience, scene understanding, and even generate executable XR content, and are often called "AI glasses". Despite these potential benefits, the integrated XR-LLM pipeline makes XR applications...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/18 12:0 a.m.5 views

Suricata IDPE 8.0.1

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and...

7.5CVSS6.8AI score0.00492EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2025/09/18 12:0 a.m.5 views

Synergizing Static Analysis with Large Language Models for Vulnerability Discovery and Beyond

This report examines the synergy between Large Language Models LLMs and Static Application Security Testing SAST to improve vulnerability discovery. Traditional SAST tools, while effective for proactive security, are limited by high false-positive rates and a lack of contextual understanding...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/18 12:0 a.m.4 views

Threat Modeling for Enhancing Security of IoT Audio Classification Devices under a Secure Protocols Framework

The rapid proliferation of IoT nodes equipped with microphones and capable of performing on-device audio classification exposes highly sensitive data while operating under tight resource constraints. To protect against this, we present a defence-in-depth architecture comprising a security protoco...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/17 12:0 a.m.6 views

The Cybersecurity of a Humanoid Robot

The rapid advancement of humanoid robotics presents unprecedented cybersecurity challenges that existing theoretical frameworks fail to adequately address. This report presents a comprehensive security assessment of a production humanoid robot platform, bridging the gap between abstract security...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/17 12:0 a.m.6 views

ATLANTIS: AI-Driven Threat Localization, Analysis, and Triage Intelligence System

We present ATLANTIS, the cyber reasoning system developed by Team Atlanta that won 1st place in the Final Competition of DARPA's AI Cyber Challenge AIxCC at DEF CON 33 August 2025. AIxCC 2023-2025 challenged teams to build autonomous cyber reasoning systems capable of discovering and patching...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/17 12:0 a.m.3 views

LLM Jailbreak Detection for (Almost) Free!

Large language models LLMs enhance security through alignment when widely used, but remain susceptible to jailbreak attacks capable of producing inappropriate content. Jailbreak detection methods show promise in mitigating jailbreak attacks through the assistance of other models or multiple model...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/17 12:0 a.m.8 views

Cybersecurity AI: Humanoid Robots As Attack Vectors

We present a systematic security assessment of the Unitree G1 humanoid showing it operates simultaneously as a covert surveillance node and can be purposed as an active cyber operations platform. Partial reverse engineering of Unitree's proprietary FMX encryption reveal a static Blowfish-ECB laye...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/17 12:0 a.m.5 views

A Survey and Evaluation Framework for Secure DNS Resolution

Since security was not among the original design goals of the Domain Name System herein called Vanilla DNS, many secure DNS schemes have been proposed to enhance the security and privacy of the DNS resolution process. Some proposed schemes aim to replace the existing DNS infrastructure entirely,...

6.6AI score
Exploits0
Total number of security vulnerabilities6825