Lucene search
K
PacketstormnewsRecent

6864 matches found

Packet Storm News
Packet Storm News
added 2025/07/28 12:0 a.m.3 views

Repairing Vulnerabilities without Invisible Hands. a Differentiated Replication Study on LLMs

Background: Automated Vulnerability Repair AVR is a fast-growing branch of program repair. Recent studies show that large language models LLMs outperform traditional techniques, extending their success beyond code generation and fault detection. Hypothesis: These gains may be driven by hidden...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/28 12:0 a.m.5 views

Enhanced Deep Learning DeepFake Detection Integrating Handcrafted Features

The rapid advancement of deepfake and face swap technologies has raised significant concerns in digital security, particularly in identity verification and onboarding processes. Conventional detection methods often struggle to generalize against sophisticated facial manipulations. This study...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/28 12:0 a.m.4 views

A Novel Post-Quantum Secure Digital Signature Scheme Based on Neural Network

Digital signatures are fundamental cryptographic primitives that ensure the authenticity and integrity of digital documents. In the post-quantum era, classical public key-based signature schemes become vulnerable to brute-force and key-recovery attacks due to the computational power of quantum...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/28 12:0 a.m.4 views

Cascading and Proxy Membership Inference Attacks

A Membership Inference Attack MIA assesses how much a trained machine learning model reveals about its training data by determining whether specific query instances were included in the dataset. We classify existing MIAs into adaptive or non-adaptive, depending on whether the adversary is allowed...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/28 12:0 a.m.4 views

On Post-Quantum Cryptography Authentication for Quantum Key Distribution

The traditional way for a Quantum Key Distribution QKD user to join a quantum network is by authenticating themselves using pre-shared key material. While this approach is sufficient for small-scale networks, it becomes impractical as the network grows, due to the total quadratic increase in the...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/28 12:0 a.m.6 views

Characterizing the Sensitivity to Individual Bit Flips in Client-Side Operations of the CKKS Scheme

Homomorphic Encryption HE enables computation on encrypted data without decryption, making it a cornerstone of privacy-preserving computation in untrusted environments. As HE sees growing adoption in sensitive applications such as secure machine learning and confidential data analysis ensuring it...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/28 12:0 a.m.3 views

URLCrazy Domain Name Typo Tool 0.8.2

URLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain variants, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo ...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/27 12:0 a.m.6 views

Two Views, One Truth: Spectral and Self-Supervised Features Fusion for Robust Speech Deepfake Detection

Recent advances in synthetic speech have made audio deepfakes increasingly realistic, posing significant security risks. Existing detection methods that rely on a single modality, either raw waveform embeddings or spectral based features, are vulnerable to non spoof disturbances and often overfit...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/27 12:0 a.m.2 views

Is Crunching Public Data the Right Approach to Detect BGP Hijacks?

The Border Gateway Protocol BGP remains a fragile pillar of Internet routing. BGP hijacks still occurr daily. While full deployment of Route Origin Validation ROV is ongoing, attackers have already adapted, launching post-ROV attacks such as forged-origin hijacks. To detect these, recent approach...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/27 12:0 a.m.6 views

EdgeAgentX-DT: Integrating Digital Twins and Generative AI for Resilient Edge Intelligence in Tactical Networks

We introduce EdgeAgentX-DT, an advanced extension of the EdgeAgentX framework that integrates digital twin simulations and generative AI-driven scenario training to significantly enhance edge intelligence in military networks. EdgeAgentX-DT utilizes network digital twins, virtual replicas...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/27 12:0 a.m.5 views

Sparse Regression Codes for Secret Key Agreement: Achieving Strong Secrecy and Near-Optimal Rates for Gaussian Sources

Secret key agreement from correlated physical layer observations is a cornerstone of information-theoretic security. This paper proposes and rigorously analyzes a complete, constructive protocol for secret key agreement from Gaussian sources using Sparse Regression Codes SPARCs. Our protocol...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/27 12:0 a.m.5 views

Measuring and Explaining the Effects of Android App Transformations in Online Malware Detection

It is well known that antivirus engines are vulnerable to evasion techniques e.g., obfuscation that transform malware into its variants. However, it cannot be necessarily attributed to the effectiveness of these evasions, and the limits of engines may also make this unsatisfactory result. In this...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/27 12:0 a.m.2 views

Interpretable Anomaly-Based DDoS Detection in AI-RAN with XAI and LLMs

Next generation Radio Access Networks RANs introduce programmability, intelligence, and near real-time control through intelligent controllers, enabling enhanced security within the RAN and across broader 5G/6G infrastructures. This paper presents a comprehensive survey highlighting opportunities...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/27 12:0 a.m.7 views

WBHT: a Generative Attention Architecture for Detecting Black Hole Anomalies in Backbone Networks

We propose the Wasserstein Black Hole Transformer WBHT framework for detecting black hole BH anomalies in communication networks. These anomalies cause packet loss without failure notifications, disrupting connectivity and leading to financial losses. WBHT combines generative modeling, sequential...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/26 12:0 a.m.6 views

ConSeg: Contextual Backdoor Attack against Semantic Segmentation

Despite significant advancements in computer vision, semantic segmentation models may be susceptible to backdoor attacks. These attacks, involving hidden triggers, aim to cause the models to misclassify instances of the victim class as the target class when triggers are present, posing serious...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/26 12:0 a.m.6 views

Cryptographic Data Exchange for Nuclear Warheads

Nuclear arms control treaties have historically focused on strategic nuclear delivery systems, leaving nuclear warheads outside formal verification frameworks. This paper presents a cryptographic protocol for secure and verifiable warhead tracking, addressing challenges in nuclear warhead...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/26 12:0 a.m.5 views

HumanSAM: Classifying Human-Centric Forgery Videos in Human Spatial, Appearance, and Motion Anomaly

Numerous synthesized videos from generative models, especially human-centric ones that simulate realistic human actions, pose significant threats to human information security and authenticity. While progress has been made in binary forgery video detection, the lack of fine-grained understanding ...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/26 12:0 a.m.4 views

FedBAP: Backdoor Defense Via Benign Adversarial Perturbation in Federated Learning

Federated Learning FL enables collaborative model training while preserving data privacy, but it is highly vulnerable to backdoor attacks. Most existing defense methods in FL have limited effectiveness due to their neglect of the model's over-reliance on backdoor triggers, particularly as the...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/26 12:0 a.m.8 views

Trivial Trojans: How Minimal MCP Servers Enable Cross-Tool Exfiltration of Sensitive Data

The Model Context Protocol MCP represents a significant advancement in AI-tool integration, enabling seamless communication between AI agents and external services. However, this connectivity introduces novel attack vectors that remain largely unexplored. This paper demonstrates how unsophisticat...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/26 12:0 a.m.6 views

ModShift: Model Privacy Via Designed Shifts

In this paper, shifts are introduced to preserve model privacy against an eavesdropper in federated learning. Model learning is treated as a parameter estimation problem. This perspective allows us to derive the Fisher Information matrix of the model updates from the shifted updates and drive the...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/26 12:0 a.m.6 views

SDD: Self-Degraded Defense against Malicious Fine-Tuning

Open-source Large Language Models LLMs often employ safety alignment methods to resist harmful instructions. However, recent research shows that maliciously fine-tuning these LLMs on harmful data can easily bypass these safeguards. To counter this, we theoretically uncover why malicious fine-tuni...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/25 12:0 a.m.17 views

URLCrazy Domain Name Typo Tool 0.8.1

URLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain variants, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo ...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/25 12:0 a.m.3 views

Virtual Local Area Network over HTTP for Launching an Insider Attack

Computers and computer networks have become integral to virtually every aspect of modern life, with the Internet playing an indispensable role. Organizations, businesses, and individuals now store vast amounts of proprietary, confidential, and personal data digitally. As such, ensuring the securi...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/25 12:0 a.m.7 views

Generating Adversarial Point Clouds Using Diffusion Model

Adversarial attack methods for 3D point cloud classification reveal the vulnerabilities of point cloud recognition models. This vulnerability could lead to safety risks in critical applications that use deep learning models, such as autonomous vehicles. To uncover the deficiencies of these models...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/25 12:0 a.m.9 views

PAM Environment Variable Injection

PAM pamenv.so module allows environment variable injection via /.pamenvironment leading to privilege escalation through SystemD session manipulation. This scripts gauges exploitability...

7.8CVSS8.7AI score0.00957EPSS
Exploits19
Packet Storm News
Packet Storm News
added 2025/07/25 12:0 a.m.1 views

Securing the Internet of Medical Things (IoMT): Real-World Attack Taxonomy and Practical Security Measures

The Internet of Medical Things IoMT has the potential to radically improve healthcare by enabling real-time monitoring, remote diagnostics, and AI-driven decision making. However, the connectivity, embedded intelligence, and inclusion of a wide variety of novel sensors expose medical devices to...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/25 12:0 a.m.7 views

Transcript Franking for Encrypted Messaging

Message franking is an indispensable abuse mitigation tool for end-to-end encrypted E2EE messaging platforms. With it, users who receive harmful content can securely report that content to platform moderators. However, while real-world deployments of reporting require the disclosure of multiple...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/25 12:0 a.m.5 views

PurpCode: Reasoning for Safer Code Generation

We introduce PurpCode, the first post-training recipe for training safe code reasoning models towards generating secure code and defending against malicious cyberactivities. PurpCode trains a reasoning model in two stages: i Rule Learning, which explicitly teaches the model to reference cybersafe...

7.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/25 12:0 a.m.5 views

OneShield -- the Next Generation of LLM Guardrails

The rise of Large Language Models has created a general excitement about the great potential for a myriad of applications. While LLMs offer many possibilities, questions about safety, privacy, and ethics have emerged, and all the key actors are working to address these issues with protective...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/25 12:0 a.m.4 views

PrompTrend: Continuous Community-Driven Vulnerability Discovery and Assessment for Large Language Models

Static benchmarks fail to capture LLM vulnerabilities emerging through community experimentation in online forums. We present PrompTrend, a system that collects vulnerability data across platforms and evaluates them using multidimensional scoring, with an architecture designed for scalable...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/25 12:0 a.m.7 views

Running in CIRCLE? A Simple Benchmark for LLM Code Interpreter Security

As large language models LLMs increasingly integrate native code interpreters, they enable powerful real-time execution capabilities, substantially expanding their utility. However, such integrations introduce potential system-level cybersecurity threats, fundamentally different from prompt-based...

7.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/25 12:0 a.m.5 views

Clean Code in Practice: Challenges and Opportunities

Reliability prediction is crucial for ensuring the safety and security of software systems, especially in the context of industry practices. While various metrics and measurements are employed to assess software reliability, the complexity of modern systems necessitates a deeper understanding of...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/25 12:0 a.m.4 views

How to Copy-Protect Malleable-Puncturable Cryptographic Functionalities under Arbitrary Challenge Distributions

A quantum copy-protection scheme Aaronson, CCC 2009 encodes a functionality into a quantum state such that given this state, no efficient adversary can create two possibly entangled quantum states that are both capable of running the functionality. There has been a recent line of works on...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/25 12:0 a.m.4 views

Jailbreaking Large Language Diffusion Models: Revealing Hidden Safety Flaws in Diffusion-Based Text Generation

Large Language Diffusion Models LLDMs exhibit comparable performance to LLMs while offering distinct advantages in inference speed and mathematical reasoning tasks.The precise and rapid generation capabilities of LLDMs amplify concerns of harmful generations, while existing jailbreak methodologie...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/25 12:0 a.m.6 views

Enhancing IoT Intrusion Detection Systems through Adversarial Training

The augmentation of Internet of Things IoT devices transformed both automation and connectivity but revealed major security vulnerabilities in networks. We address these challenges by designing a robust intrusion detection system IDS to detect complex attacks by learning patterns from the...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/25 12:0 a.m.2 views

MOCHA: Are Code Language Models Robust against Multi-Turn Malicious Coding Prompts?

Recent advancements in Large Language Models LLMs have significantly enhanced their code generation capabilities. However, their robustness against adversarial misuse, particularly through multi-turn malicious coding prompts, remains underexplored. In this work, we introduce code decomposition...

7.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/25 12:0 a.m.4 views

On Anti-Collusion Codes for Averaging Attack in Multimedia Fingerprinting

Multimedia fingerprinting is a technique to protect the copyrighted contents against being illegally redistributed under various collusion attack models. Averaging attack is the most fair choice for each colluder to avoid detection, and also makes the pirate copy have better perceptional quality...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/25 12:0 a.m.8 views

KD-GAT: Combining Knowledge Distillation and Graph Attention Transformer for a Controller Area Network Intrusion Detection System

The Controller Area Network CAN protocol is widely adopted for in-vehicle communication but lacks inherent security mechanisms, making it vulnerable to cyberattacks. This paper introduces KD-GAT, an intrusion detection framework that combines Graph Attention Networks GATs with knowledge...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/25 12:0 a.m.5 views

On the Security of a Code-Based PIR Scheme

Private Information Retrieval PIR schemes allow clients to retrieve files from a database without disclosing the requested file's identity to the server. In the pursuit of post-quantum security, most recent PIR schemes rely on hard lattice problems. In contrast, the so called CB-cPIR scheme stand...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/24 12:0 a.m.6 views

Secure One-Sided Device-Independent Quantum Key Distribution under Collective Attacks with Enhanced Robustness

We study the security of a quantum key distribution QKD protocol under the one-sided device-independent 1sDI setting, which assumes trust in only one party's measurement device. This approach effectively provides a balance between the experimental viability of device-dependent DD-QKD and the...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/24 12:0 a.m.6 views

Information Security Based on LLM Approaches: a Review

Information security is facing increasingly severe challenges, and traditional protection means are difficult to cope with complex and changing threats. In recent years, as an emerging intelligent technology, large language models LLMs have shown a broad application prospect in the field of...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/24 12:0 a.m.4 views

PRACtical: Subarray-Level Counter Update and Bank-Level Recovery Isolation for Efficient PRAC Rowhammer Mitigation

As DRAM density increases, Rowhammer becomes more severe due to heightened charge leakage, reducing the number of activations needed to induce bit flips. The DDR5 standard addresses this threat with in-DRAM per-row activation counters PRAC and the Alert Back-Off ABO signal to trigger mitigation...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/24 12:0 a.m.5 views

Regression-Aware Continual Learning for Android Malware Detection

Malware evolves rapidly, forcing machine learning ML-based detectors to adapt continuously. With antivirus vendors processing hundreds of thousands of new samples daily, datasets can grow to billions of examples, making full retraining impractical. Continual learning CL has emerged as a scalable...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/24 12:0 a.m.4 views

Thermal-Aware 3D Design for Side-Channel Information Leakage

Side-channel attacks are important security challenges as they reveal sensitive information about on-chip activities. Among such attacks, the thermal side-channel has been shown to disclose the activities of key functional blocks and even encryption keys. This paper proposes a novel approach to...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/24 12:0 a.m.5 views

An Improved ChaCha Algorithm Based on Quantum Random Number

Due to the merits of high efficiency and strong security against timing and side-channel attacks, ChaCha has been widely applied in real-time communication and data streaming scenarios. However, with the rapid development of AI-assisted cryptanalysis and quantum computing technologies, there are...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/24 12:0 a.m.4 views

Assessment of Quantitative Cyber-Physical Reliability of SCADA Systems in Autonomous Vehicle to Grid (V2G) Capable Smart Grids

The integration of electric vehicles EVs into power grids via Vehicle-to-Grid V2G system technology is increasing day by day, but these phenomena present both advantages and disadvantages. V2G can increase grid reliability by providing distributed energy storage and ancillary services. However, o...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/24 12:0 a.m.18 views

LoRA-Leak: Membership Inference Attacks against LoRA Fine-Tuned Language Models

Language Models LMs typically adhere to a "pre-training and fine-tuning" paradigm, where a universal pre-trained model can be fine-tuned to cater to various specialized domains. Low-Rank Adaptation LoRA has gained the most widespread use in LM fine-tuning due to its lightweight computational cost...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/24 12:0 a.m.6 views

Scout: Leveraging Large Language Models for Rapid Digital Evidence Discovery

Recent technological advancements and the prevalence of technology in day to day activities have caused a major increase in the likelihood of the involvement of digital evidence in more and more legal investigations. Consumer-grade hardware is growing more powerful, with expanding memory and...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/24 12:0 a.m.2 views

Evaluating Ensemble and Deep Learning Models for Static Malware Detection with Dimensionality Reduction Using the EMBER Dataset

This study investigates the effectiveness of several machine learning algorithms for static malware detection using the EMBER dataset, which contains feature representations of Portable Executable PE files. We evaluate eight classification models: LightGBM, XGBoost, CatBoost, Random Forest, Extra...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/24 12:0 a.m.5 views

Unmasking Synthetic Realities in Generative AI: a Comprehensive Review of Adversarially Robust Deepfake Detection Systems

The rapid advancement of Generative Artificial Intelligence has fueled deepfake proliferation-synthetic media encompassing fully generated content and subtly edited authentic material-posing challenges to digital security, misinformation mitigation, and identity preservation. This systematic revi...

6.9AI score
Exploits0
Total number of security vulnerabilities6864