Lucene search
K
PacketstormnewsRecent

6864 matches found

Packet Storm News
Packet Storm News
•added 2025/07/24 12:0 a.m.•5 views

Auto-SGCR: Automated Generation of Smart Grid Cyber Range Using IEC 61850 Standard Models

Digitalization of power grids have made them increasingly susceptible to cyber-attacks in the past decade. Iterative cybersecurity testing is indispensable to counter emerging attack vectors and to ensure dependability of critical infrastructure. Furthermore, these can be used to evaluate...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/24 12:0 a.m.•6 views

Exploring the Jupyter Ecosystem: an Empirical Study of Bugs and Vulnerabilities

Background. Jupyter notebooks are one of the main tools used by data scientists. Notebooks include features configuration scripts, markdown, images, etc. that make them challenging to analyze compared to traditional software. As a result, existing software engineering models, tools, and studies d...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•6 views

Learning to Locate: GNN-Powered Vulnerability Path Discovery in Open Source Code

Detecting security vulnerabilities in open-source software is a critical task that is highly regarded in the related research communities. Several approaches have been proposed in the literature for detecting vulnerable codes and identifying the classes of vulnerabilities. However, there is still...

7.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•4 views

C-AAE: Compressively Anonymizing Autoencoders for Privacy-Preserving Activity Recognition in Healthcare Sensor Streams

Wearable accelerometers and gyroscopes encode fine-grained behavioural signatures that can be exploited to re-identify users, making privacy protection essential for healthcare applications. We introduce C-AAE, a compressive anonymizing autoencoder that marries an Anonymizing AutoEncoder AAE with...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•12 views

Learning-Based Privacy-Preserving Graph Publishing against Sensitive Link Inference Attacks

Publishing graph data is widely desired to enable a variety of structural analyses and downstream tasks. However, it also potentially poses severe privacy leakage, as attackers may leverage the released graph data to launch attacks and precisely infer private information such as the existence of...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•48 views

Quantum Software Security Challenges within Shared Quantum Computing Environments

The number of qubits in quantum computers keeps growing, but most quantum programs remain relatively small because of the noisy nature of the underlying quantum hardware. This might lead quantum cloud providers to explore increased hardware utilization, and thus profitability through means such a...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•5 views

Rethinking HSM and TPM Security in the Cloud: Real-World Attacks and Next-Gen Defenses

As organizations rapidly migrate to the cloud, the security of cryptographic key management has become a growing concern. Hardware Security Modules HSMs and Trusted Platform Modules TPMs, traditionally seen as the gold standard for securing encryption keys and digital trust, are increasingly...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•7 views

CASCADE: LLM-Powered JavaScript Deobfuscator at Google

Software obfuscation, particularly prevalent in JavaScript, hinders code comprehension and analysis, posing significant challenges to software testing, static analysis, and malware detection. This paper introduces CASCADE, a novel hybrid approach that integrates the advanced coding capabilities o...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•7 views

Tab-MIA: a Benchmark Dataset for Membership Inference Attacks on Tabular Data in LLMs

Large language models LLMs are increasingly trained on tabular data, which, unlike unstructured text, often contains personally identifiable information PII in a highly structured and explicit format. As a result, privacy risks arise, since sensitive records can be inadvertently retained by the...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•6 views

Removing Box-Free Watermarks for Image-To-Image Models Via Query-Based Reverse Engineering

The intellectual property of deep generative networks GNets can be protected using a cascaded hiding network HNet which embeds watermarks or marks into GNet outputs, known as box-free watermarking. Although both GNet and HNet are encapsulated in a black box called operation network, or ONet, with...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•12 views

Trusted Data Fusion, Multi-Agent Autonomy, Autonomous Vehicles

Multi-agent collaboration enhances situational awareness in intelligence, surveillance, and reconnaissance ISR missions. Ad hoc networks of unmanned aerial vehicles UAVs allow for real-time data sharing, but they face security challenges due to their decentralized nature, making them vulnerable t...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•6 views

Towards Unifying Quantitative Security Benchmarking for Multi Agent Systems

Evolving AI systems increasingly deploy multi-agent architectures where autonomous agents collaborate, share information, and delegate tasks through developing protocols. This connectivity, while powerful, introduces novel security risks. One such risk is a cascading risk: a breach in one agent c...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•3 views

NIST Post-Quantum Cryptography Standard Algorithms Based on Quantum Random Number Generators

In recent years, the advancement of quantum computing technology has posed potential security threats to RSA cryptography and elliptic curve cryptography. In response, the National Institute of Standards and Technology NIST published several Federal Information Processing Standards FIPS of...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•2 views

MeAJOR Corpus: a Multi-Source Dataset for Phishing Email Detection

Phishing emails continue to pose a significant threat to cybersecurity by exploiting human vulnerabilities through deceptive content and malicious payloads. While Machine Learning ML models are effective at detecting phishing threats, their performance largely relies on the quality and diversity ...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•4 views

Joint Resource Optimization over Licensed and Unlicensed Spectrum in Spectrum Sharing UAV Networks against Jamming Attacks

Unmanned aerial vehicle UAV communication is of crucial importance in realizing heterogeneous practical wireless application scenarios. However, the densely populated users and diverse services with high data rate demands has triggered an increasing scarcity of UAV spectrum utilization. To tackle...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•14 views

Quantifying the ROI of Cyber Threat Intelligence: a Data-Driven Approach

The valuation of Cyber Threat Intelligence CTI remains a persistent challenge due to the problem of negative evidence: successful threat prevention results in non-events that generate minimal observable financial impact, making CTI expenditures difficult to justify within traditional cost-benefit...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•4 views

LLM Meets the Sky: Heuristic Multi-Agent Reinforcement Learning for Secure Heterogeneous UAV Networks

This work tackles the physical layer security PLS problem of maximizing the secrecy rate in heterogeneous UAV networks HetUAVNs under propulsion energy constraints. Unlike prior studies that assume uniform UAV capabilities or overlook energy-security trade-offs, we consider a realistic scenario...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•5 views

CHAMP: a Configurable, Hot-Swappable Edge Architecture for Adaptive Biometric Tasks

What if you could piece together your own custom biometrics and AI analysis system, a bit like LEGO blocks? We aim to bring that technology to field operators in the field who require flexible, high-performance edge AI system that can be adapted on a moment's notice. This paper introduces CHAMP...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•7 views

Development of a Standardized Testing Environment for QRNGs Based on Semiconductor Laser Phase Noise

Quantum random number generators QRNGs based on semiconductor laser phase noise are an inexpensive and efficient resource for true random numbers. Commercially available technology allows for designing QRNG setups tailored to specific use cases. However, it is important to constantly monitor...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•8 views

Enabling Cyber Security Education through Digital Twins and Generative AI

Digital Twins DTs are gaining prominence in cybersecurity for their ability to replicate complex IT Information Technology, OT Operational Technology, and IoT Internet of Things infrastructures, allowing for real time monitoring, threat analysis, and system simulation. This study investigates how...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•7 views

WaveVerify: a Novel Audio Watermarking Framework for Media Authentication and Combatting Deepfakes

The rapid advancement of voice generation technologies has enabled the synthesis of speech that is perceptually indistinguishable from genuine human voices. While these innovations facilitate beneficial applications such as personalized text-to-speech systems and voice preservation, they have als...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•6 views

On One-Shot Signatures, Quantum Vs Classical Binding, and Obfuscating Permutations

One-shot signatures OSS were defined by Amos, Georgiou, Kiayias, and Zhandry STOC'20. These allow for signing exactly one message, after which the signing key self-destructs, preventing a second message from ever being signed. While such an object is impossible classically, Amos et al observe tha...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•7 views

Leveraging Trustworthy AI for Automotive Security in Multi-Domain Operations: Towards a Responsive Human-AI Multi-Domain Task Force for Cyber Social Security

Multi-Domain Operations MDOs emphasize cross-domain defense against complex and synergistic threats, with civilian infrastructures like smart cities and Connected Autonomous Vehicles CAVs emerging as primary targets. As dual-use assets, CAVs are vulnerable to Multi-Surface Threats MSTs,...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•5 views

An Empirical Study on Virtual Reality Software Security Weaknesses

Virtual Reality VR has emerged as a transformative technology across industries, yet its security weaknesses, including vulnerabilities, are underinvestigated. This study investigates 334 VR projects hosted on GitHub, examining 1,681 software security weaknesses to understand: what types of...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•5 views

Restricted Boltzmann Machine As a Probabilistic Enigma

We theoretically propose a symmetric encryption scheme based on Restricted Boltzmann Machines that functions as a probabilistic Enigma device, encoding information in the marginal distributions of visible states while utilizing bias permutations as cryptographic keys. Theoretical analysis reveals...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•4 views

form-data Insufficient Randomness

form-data uses Math.random to select a boundary value for multipart form-encoded data. This can lead to a security issue if an attacker can observe other values produced by Math.random in the target application and can control one field of a request made using form-data...

9.4CVSS6.7AI score0.01735EPSS
Exploits1
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•4 views

PyPitfall: Dependency Chaos and Software Supply Chain Vulnerabilities in Python

Python software development heavily relies on third-party packages. Direct and transitive dependencies create a labyrinth of software supply chains. While it is convenient to reuse code, vulnerabilities within these dependency chains can propagate through dependencies, potentially affecting...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/23 12:0 a.m.•5 views

Performance Evaluation and Threat Mitigation in Large-Scale 5G Core Deployment

The deployment of large-scale software-based 5G core functions presents significant challenges due to their reliance on optimized and intelligent resource provisioning for their services. Many studies have focused on analyzing the impact of resource allocation for complex deployments using...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•1 views

Android dng_sdk DeltaPerRow Out-Of-Bounds Read

Android's dng suffers from a DeltaPerRow out-of-bounds read vulnerability...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•4 views

DREAM: Scalable Red Teaming for Text-To-Image Generative Systems Via Distribution Modeling

Despite the integration of safety alignment and external filters, text-to-image T2I generative models are still susceptible to producing harmful content, such as sexual or violent imagery. This raises serious concerns about unintended exposure and potential misuse. Red teaming, which aims to...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•5 views

EX-NIDS: a Framework for Explainable Network Intrusion Detection Leveraging Large Language Models

This paper introduces eX-NIDS, a framework designed to enhance interpretability in flow-based Network Intrusion Detection Systems NIDS by leveraging Large Language Models LLMs. In our proposed framework, flows labelled as malicious by NIDS are initially processed through a module called the Promp...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•5 views

SoK: Securing the Final Frontier for Cybersecurity in Space-Based Infrastructure

With the advent of modern technology, critical infrastructure, communications, and national security depend increasingly on space-based assets. These assets, along with associated assets like data relay systems and ground stations, are, therefore, in serious danger of cyberattacks. Strong securit...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•6 views

Logwatch 7.13

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•5 views

Analysis of Post-Quantum Cryptography in User Equipment in 5G and Beyond

The advent of quantum computing threatens the security of classical public-key cryptographic systems, prompting the transition to post-quantum cryptography PQC. While PQC has been analyzed in theory, its performance in practical wireless communication environments remains underexplored. This pape...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•5 views

Talking like a Phisher: LLM-Based Attacks on Voice Phishing Classifiers

Voice phishing vishing remains a persistent threat in cybersecurity, exploiting human trust through persuasive speech. While machine learning ML-based classifiers have shown promise in detecting malicious call transcripts, they remain vulnerable to adversarial manipulations that preserve semantic...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•12 views

LENS-DF: Deepfake Detection and Temporal Localization for Long-Form Noisy Speech

This study introduces LENS-DF, a novel and comprehensive recipe for training and evaluating audio deepfake detection and temporal localization under complicated and realistic audio conditions. The generation part of the recipe outputs audios from the input dataset with several critical...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•4 views

Revisiting Pre-Trained Language Models for Vulnerability Detection

The rapid advancement of pre-trained language models PLMs has demonstrated promising results for various code-related tasks. However, their effectiveness in detecting real-world vulnerabilities remains a critical challenge. % for the security community. While existing empirical studies evaluate...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•7 views

GATEBLEED: Exploiting On-Core Accelerator Power Gating for High Performance and Stealthy Attacks on AI

As power consumption from AI training and inference continues to increase, AI accelerators are being integrated directly into the CPU. Intel's Advanced Matrix Extensions AMX is one such example, debuting on the 4th generation Intel Xeon Scalable CPU. We discover a timing side and covert channel,...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•5 views

Faraday 5.15.2

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•4 views

The Postman: a Journey of Ethical Hacking in PosteID/SPID Borderland

This paper presents a vulnerability assessment activity that we carried out on PosteID, the implementation of the Italian Public Digital Identity System SPID by Poste Italiane. The activity led to the discovery of a critical privilege escalation vulnerability, which was eventually patched. The...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•5 views

ShrinkBox: Backdoor Attack on Object Detection to Disrupt Collision Avoidance in Machine Learning-Based Advanced Driver Assistance Systems

Advanced Driver Assistance Systems ADAS significantly enhance road safety by detecting potential collisions and alerting drivers. However, their reliance on expensive sensor technologies such as LiDAR and radar limits accessibility, particularly in low- and middle-income countries. Machine...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•14 views

LLMxCPG: Context-Aware Vulnerability Detection through Code Property Graph-Guided Large Language Models

Software vulnerabilities present a persistent security challenge, with over 25,000 new vulnerabilities reported in the Common Vulnerabilities and Exposures CVE database in 2024 alone. While deep learning based approaches show promise for vulnerability detection, recent studies reveal critical...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•7 views

LLM4MEA: Data-Free Model Extraction Attacks on Sequential Recommenders Via Large Language Models

Recent studies have demonstrated the vulnerability of sequential recommender systems to Model Extraction Attacks MEAs. MEAs collect responses from recommender systems to replicate their functionality, enabling unauthorized deployments and posing critical privacy and security risks. Black-box...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•8 views

CompLeak: Deep Learning Model Compression Exacerbates Privacy Leakage

Model compression is crucial for minimizing memory storage and accelerating inference in deep learning DL models, including recent foundation models like large language models LLMs. Users can access different compressed model versions according to their resources and budget. However, while existi...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•6 views

Secure Wireless Communication Via Polarforming

Polarforming is a promising technique that enables dynamic adjustment of antenna polarization to mitigate depolarization effects commonly encountered during electromagnetic EM wave propagation. In this letter, we investigate the polarforming design for secure wireless communication systems, where...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•4 views

Building a Robust OAuth Token Based API Security: a High Level Overview

APIs Application Programming Interfaces or Web Services are the foundational building blocks that enable interconnected systems. However this proliferation of APIs has also introduced security challenges that require systematic and scalable solutions for secure authentication and authorization...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•3 views

Analysis of Threat-Based Manipulation in Large Language Models: a Dual Perspective on Vulnerabilities and Performance Enhancement Opportunities

Large Language Models LLMs demonstrate complex responses to threat-based manipulations, revealing both vulnerabilities and unexpected performance enhancement opportunities. This study presents a comprehensive analysis of 3,390 experimental responses from three major LLMs Claude, GPT-4, Gemini...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•5 views

When LLMs Copy to Think: Uncovering Copy-Guided Attacks in Reasoning LLMs

Large Language Models LLMs have become integral to automated code analysis, enabling tasks such as vulnerability detection and code comprehension. However, their integration introduces novel attack surfaces. In this paper, we identify and investigate a new class of prompt-based attacks, termed...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•5 views

Zeek 7.0.9

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek ha...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/22 12:0 a.m.•11 views

Towards Trustworthy AI: Secure Deepfake Detection Using CNNs and Zero-Knowledge Proofs

In the era of synthetic media, deepfake manipulations pose a significant threat to information integrity. To address this challenge, we propose TrustDefender, a two-stage framework comprising i a lightweight convolutional neural network CNN that detects deepfake imagery in real-time extended...

6.6AI score
Exploits0
Total number of security vulnerabilities6864