Lucene search
K
PacketstormnewsRecent

6850 matches found

Packet Storm News
Packet Storm News
added 2025/08/04 12:0 a.m.5 views

LMDG: Advancing Lateral Movement Detection through High-Fidelity Dataset Generation

Lateral Movement LM attacks continue to pose a significant threat to enterprise security, enabling adversaries to stealthily compromise critical assets. However, the development and evaluation of LM detection systems are impeded by the absence of realistic, well-labeled datasets. To address this...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/04 12:0 a.m.11 views

Gandia Integra Total 4.4.2236.1 SQL Injection

Gandia Integra Total versions 2.1.2217.3 through 4.4.2236.1 suffer from a remote SQL injection vulnerability...

8.7CVSS8.1AI score0.0107EPSS
Exploits2
Packet Storm News
Packet Storm News
added 2025/08/04 12:0 a.m.4 views

LPAR2RRD Remote Code Execution

This repository contains a proof of concept exploit for CVE-2025-54769, a vulnerability found in lpar2rrd. The vulnerability allows remote code execution and directory traversal by abusing the /lpar2rrd-cgi/upgrade.sh endpoint...

8.8CVSS7.9AI score0.03038EPSS
Exploits4
Packet Storm News
Packet Storm News
added 2025/08/04 12:0 a.m.5 views

Swagger UI 1.0.3 Cross Site Scripting

Proof of concept cross site scripting exploit for Swagger UI versions 1.0.3 and below...

5.1CVSS6.4AI score0.01646EPSS
Exploits3
Packet Storm News
Packet Storm News
added 2025/08/04 12:0 a.m.5 views

PhishParrot: LLM-Driven Adaptive Crawling to Unveil Cloaked Phishing Sites

Phishing attacks continue to evolve, with cloaking techniques posing a significant challenge to detection efforts. Cloaking allows attackers to display phishing sites only to specific users while presenting legitimate pages to security crawlers, rendering traditional detection systems ineffective...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/04 12:0 a.m.17 views

Centralized Dynamic State Estimation Algorithm for Detecting and Distinguishing Faults and Cyber Attacks in Power Systems

As power systems evolve with increased integration of renewable energy sources, they become more complex and vulnerable to both cyber and physical threats. This study validates a centralized Dynamic State Estimation DSE algorithm designed to enhance the protection of power systems, particularly...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/04 12:0 a.m.6 views

ASINT: Learning AS-To-Organization Mapping from Internet Metadata

Accurately mapping Autonomous Systems ASNs to their owning or operating organizations underpins Internet measurement research and security applications. Yet existing approaches commonly rely solely on WHOIS or PeeringDB, missing important relationships e.g., cross-regional aliases, parent-child...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/03 12:0 a.m.5 views

IMU: Influence-Guided Machine Unlearning

Recent studies have shown that deep learning models are vulnerable to attacks and tend to memorize training data points, raising significant concerns about privacy leakage. This motivates the development of machine unlearning MU, i.e., a paradigm that enables models to selectively forget specific...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/03 12:0 a.m.7 views

DUP: Detection-Guided Unlearning for Backdoor Purification in Language Models

As backdoor attacks become more stealthy and robust, they reveal critical weaknesses in current defense strategies: detection methods often rely on coarse-grained feature statistics, and purification methods typically require full retraining or additional clean models. To address these challenges...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/03 12:0 a.m.2 views

Beyond Vulnerabilities: a Survey of Adversarial Attacks As Both Threats and Defenses in Computer Vision Systems

Adversarial attacks against computer vision systems have emerged as a critical research area that challenges the fundamental assumptions about neural network robustness and security. This comprehensive survey examines the evolving landscape of adversarial techniques, revealing their dual nature a...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/03 12:0 a.m.4 views

Generative AI-Empowered Secure Communications in Space-Air-Ground Integrated Networks: a Survey and Tutorial

Space-air-ground integrated networks SAGINs face unprecedented security challenges due to their inherent characteristics, such as multidimensional heterogeneity and dynamic topologies. These characteristics fundamentally undermine conventional security methods and traditional artificial...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/03 12:0 a.m.1 views

PRIME: Plasticity-Robust Incremental Model for Encrypted Traffic Classification in Dynamic Network Environments

With the continuous development of network environments and technologies, ensuring cyber security and governance is increasingly challenging. Network traffic classificationETC can analyzes attributes such as application categories and malicious intent, supporting network management services like...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/03 12:0 a.m.7 views

Semantic Encryption: Secure and Effective Interaction with Cloud-Based Large Language Models Via Semantic Transformation

The increasing adoption of Cloud-based Large Language Models CLLMs has raised significant concerns regarding data privacy during user interactions. While existing approaches primarily focus on encrypting sensitive information, they often overlook the logical structure of user inputs. This oversig...

6.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/03 12:0 a.m.6 views

A Survey on Privacy-Preserving Computing in the Automotive Domain

As vehicles become increasingly connected and autonomous, they accumulate and manage various personal data, thereby presenting a key challenge in preserving privacy during data sharing and processing. This survey reviews applications of Secure Multi-Party Computation MPC and Homomorphic Encryptio...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/03 12:0 a.m.5 views

Proactive Disentangled Modeling of Trigger-Object Pairings for Backdoor Defense

Deep neural networks DNNs and generative AI GenAI are increasingly vulnerable to backdoor attacks, where adversaries embed triggers into inputs to cause models to misclassify or misinterpret target labels. Beyond traditional single-trigger scenarios, attackers may inject multiple triggers across...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/03 12:0 a.m.6 views

"Energon": Unveiling Transformers from GPU Power and Thermal Side-Channels

Transformers have become the backbone of many Machine Learning ML applications, including language translation, summarization, and computer vision. As these models are increasingly deployed in shared Graphics Processing Unit GPU environments via Machine Learning as a Service MLaaS, concerns aroun...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/03 12:0 a.m.4 views

A Provably Secure Network Protocol for Private Communication with Analysis and Tracing Resistance

Anonymous communication networks have emerged as crucial tools for obfuscating communication pathways and concealing user identities. However, their practical deployments face significant challenges, including susceptibility to artificial intelligence AI-powered metadata analysis, difficulties in...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/03 12:0 a.m.5 views

BeDKD: Backdoor Defense Based on Dynamic Knowledge Distillation and Directional Mapping Modulator

Although existing backdoor defenses have gained success in mitigating backdoor attacks, they still face substantial challenges. In particular, most of them rely on large amounts of clean data to weaken the backdoor mapping but generally struggle with residual trigger effects, resulting in...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/03 12:0 a.m.5 views

GPU in the Blind Spot: Overlooked Security Risks in Transportation

Graphics processing units GPUs are becoming an essential part of the intelligent transportation system ITS for enabling video-based and artificial intelligence AI based applications. GPUs provide high-throughput and energy-efficient computing for tasks like sensor fusion and roadside video...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/03 12:0 a.m.5 views

Complete Evasion, Zero Modification: PDF Attacks on AI Text Detection

AI-generated text detectors have become essential tools for maintaining content authenticity, yet their robustness against evasion attacks remains questionable. We present PDFuzz, a novel attack that exploits the discrepancy between visual text layout and extraction order in PDF documents. Our...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/03 12:0 a.m.9 views

LLM-Assisted Model-Based Fuzzing of Protocol Implementations

Testing network protocol implementations is critical for ensuring the reliability, security, and interoperability of distributed systems. Faults in protocol behavior can lead to vulnerabilities and system failures, especially in real-time and mission-critical applications. A common approach to...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/03 12:0 a.m.6 views

Hard-Earned Lessons in Access Control at Scale: Enforcing Identity and Policy across Trust Boundaries with Reverse Proxies and MTLS

In today's enterprise environment, traditional access methods such as Virtual Private Networks VPNs and application-specific Single Sign-On SSO often fall short when it comes to securely scaling access for a distributed and dynamic workforce. This paper presents our experience implementing a...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/03 12:0 a.m.6 views

Analyzing the Mirai IoT Botnet and Its Recent Variants: Satori, Mukashi, Moobot, and Sonic

Mirai is undoubtedly one of the most significant Internet of Things IoT botnet attacks in history. In terms of its detrimental effects, seamless spread, and low detection rate, it surpassed its predecessors. Its developers released the source code, which triggered the development of several...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/02 12:0 a.m.4 views

Think Broad, Act Narrow: CWE Identification with Multi-Agent Large Language Models

Machine learning and Large language models LLMs for vulnerability detection has received significant attention in recent years. Unfortunately, state-of-the-art techniques show that LLMs are unsuccessful in even distinguishing the vulnerable function from its benign counterpart, due to three main...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/02 12:0 a.m.7 views

VWAttacker: a Systematic Security Testing Framework for Voice over WiFi User Equipments

We present VWAttacker, the first systematic testing framework for analyzing the security of Voice over WiFi VoWiFi User Equipment UE implementations. VWAttacker includes a complete VoWiFi network testbed that communicates with Commercial-Off-The-Shelf COTS UEs based on a simple interface to test...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/02 12:0 a.m.5 views

Leveraging Machine Learning for Botnet Attack Detection in Edge-Computing Assisted IoT Networks

The increase of IoT devices, driven by advancements in hardware technologies, has led to widespread deployment in large-scale networks that process massive amounts of data daily. However, the reliance on Edge Computing to manage these devices has introduced significant security vulnerabilities, a...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/01 12:0 a.m.6 views

Packet Storm New Exploits for July, 2025

This archive contains all of the 132 exploits added to Packet Storm in July, 2025...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/31 12:0 a.m.4 views

Implementing Zero Trust Architecture to Enhance Security and Resilience in the Pharmaceutical Supply Chain

The pharmaceutical supply chain faces escalating cybersecurity challenges threatening patient safety and operational continuity. This paper examines the transformative potential of zero trust architecture for enhancing security and resilience within this critical ecosystem. We explore the...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/31 12:0 a.m.5 views

Rtpengine mr13.4.1.1 Injection / Redirection

Rtpengine starting at version mr13.4.1.1 allows for redirection to an attacker-controlled host and insertion of arbitrary RTP packet into active calls...

6.9CVSS6.7AI score0.04982EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.8 views

SpectraSentinel: LightWeight Dual-Stream Real-Time Drone Detection, Tracking and Payload Identification

The proliferation of drones in civilian airspace has raised urgent security concerns, necessitating robust real-time surveillance systems. In response to the 2025 VIP Cup challenge tasks - drone detection, tracking, and payload identification - we propose a dual-stream drone monitoring framework...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.7 views

Resource-Efficient Automatic Software Vulnerability Assessment Via Knowledge Distillation and Particle Swarm Optimization

The increasing complexity of software systems has led to a surge in cybersecurity vulnerabilities, necessitating efficient and scalable solutions for vulnerability assessment. However, the deployment of large pre-trained models in real-world scenarios is hindered by their substantial computationa...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.4 views

Malleability-Resistant Encrypted Control System with Disturbance Compensation and Real-Time Attack Detection

This study proposes an encrypted PID control system with a disturbance observer DOB using a keyed-homomorphic encryption KHE scheme, aiming to achieve control performance while providing resistance to malleability-based attacks. The controller integrates a DOB with a PID structure to compensate f...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.4 views

Empirical Evaluation of Concept Drift in ML-Based Android Malware Detection

Despite outstanding results, machine learning-based Android malware detection models struggle with concept drift, where rapidly evolving malware characteristics degrade model effectiveness. This study examines the impact of concept drift on Android malware detection, evaluating two datasets and...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.7 views

Apple Security Advisory 07-29-2025-7

Apple Security Advisory 07-29-2025-7 - tvOS 18.6 addresses out of bounds access, out of bounds read, and use-after-free vulnerabilities...

9.8CVSS8.6AI score0.09185EPSS
Exploits3
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.6 views

Apple Security Advisory 07-29-2025-1

Apple Security Advisory 07-29-2025-1 - iOS 18.6 and iPadOS 18.6 addresses out of bounds access, out of bounds read, spoofing, and use-after-free vulnerabilities...

9.8CVSS8.5AI score0.09185EPSS
Exploits3
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.5 views

Apple Security Advisory 07-29-2025-6

Apple Security Advisory 07-29-2025-6 - watchOS 11.6 addresses out of bounds access, out of bounds read, and use-after-free vulnerabilities...

9.8CVSS8.6AI score0.09185EPSS
Exploits3
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.5 views

Apple Security Advisory 07-29-2025-2

Apple Security Advisory 07-29-2025-2 - iPadOS 17.7.9 addresses out of bounds access, out of bounds read, and use-after-free vulnerabilities...

9.8CVSS8.2AI score0.09185EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.4 views

Apple Security Advisory 07-29-2025-8

Apple Security Advisory 07-29-2025-8 - visionOS 2.6 addresses out of bounds access, out of bounds read, and use-after-free vulnerabilities...

9.8CVSS8.6AI score0.09185EPSS
Exploits3
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.2 views

Apple Security Advisory 07-29-2025-4

Apple Security Advisory 07-29-2025-4 - macOS Sonoma 14.7.7 addresses bypass, code execution, integer overflow, out of bounds access, out of bounds read, and use-after-free vulnerabilities...

9.8CVSS7.2AI score0.012EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.5 views

Apple Security Advisory 07-29-2025-3

Apple Security Advisory 07-29-2025-3 - macOS Sequoia 15.6 addresses bypass, cross site scripting, integer overflow, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities...

9.8CVSS8.4AI score0.09185EPSS
Exploits3
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.10 views

GitKraken Desktop 11.2.1 Code Injection

GitKraken Desktop versions 10.8.0 through 11.2.1 are vulnerable to code injection via misconfigured Electron Fuses...

9.8CVSS7.5AI score0.00545EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.4 views

SAEL: Leveraging Large Language Models with Adaptive Mixture-Of-Experts for Smart Contract Vulnerability Detection

With the increasing security issues in blockchain, smart contract vulnerability detection has become a research focus. Existing vulnerability detection methods have their limitations: 1 Static analysis methods struggle with complex scenarios. 2 Methods based on specialized pre-trained models...

7.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.5 views

Apple Security Advisory 07-29-2025-5

Apple Security Advisory 07-29-2025-5 - macOS Ventura 13.7.7 addresses bypass, code execution, integer overflow, out of bounds access, out of bounds read, and use-after-free vulnerabilities...

9.8CVSS7.2AI score0.01176EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.5 views

Breaking Obfuscation: Cluster-Aware Graph with LLM-Aided Recovery for Malicious JavaScript Detection

With the rapid expansion of web-based applications and cloud services, malicious JavaScript code continues to pose significant threats to user privacy, system integrity, and enterprise security. But, detecting such threats remains challenging due to sophisticated code obfuscation techniques and...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.4 views

DoS Attacks and Defense Technologies in Blockchain Systems: a Hierarchical Analysis

Blockchain technology is widely used in various fields due to its ability to provide decentralization and trustless security. This is a fundamental understanding held by many advocates, but it is misunderstood, leading participants to fail to recognize the limitations of the security that...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.3 views

SHoM: a Mental-Synthesis Trust Management Model for Mitigating Botnet-Driven DDoS Attacks in the Internet of Things

The advantages of IoT in strengthening commercial, industrial, and social ecosystems have led to its widespread expansion. Nevertheless, because endpoint devices have limited computation, storage, and communication capabilities, the IoT infrastructure is vulnerable to several cyber threats. As a...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.7 views

Concrete Security Bounds for Simulation-Based Proofs of Multi-Party Computation Protocols

The concrete security paradigm aims to give precise bounds on the probability that an adversary can subvert a cryptographic mechanism. This is in contrast to asymptotic security, where the probability of subversion may be eventually small, but large enough in practice to be insecure. Fully...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.2 views

Microsegmentation in Zero Trust Part One: Introduction and Planning

The Journey to Zero Trust series covers cybersecurity capabilities and architecture supporting organization adoption of modern zero trust ZT principles. ZT’s core concept of never trust and always verify evolved from prior cybersecurity models. This current ZT series supports an organization’s ZT...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.5 views

Cryptanalysis of LC-MUME: a Lightweight Certificateless Multi-User Matchmaking Encryption for Mobile Devices

Yang et al. proposed a lightweight certificateless multiuser matchmaking encryption LC-MUME scheme for mobile devices, published in IEEE Transactions on Information Forensics and Security TIFS DOI: 10.1109/TIFS.2023.3321961. Their construction aims to reduce computational and communication overhe...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/29 12:0 a.m.5 views

POLARIS: Explainable Artificial Intelligence for Mitigating Power Side-Channel Leakage

Microelectronic systems are widely used in many sensitive applications e.g., manufacturing, energy, defense. These systems increasingly handle sensitive data e.g., encryption key and are vulnerable to diverse threats, such as, power side-channel attacks, which infer sensitive data through dynamic...

7AI score
Exploits0
Total number of security vulnerabilities6850