Lucene search
K
PacketstormnewsRecent

6864 matches found

Packet Storm News
Packet Storm News
•added 2025/07/18 12:0 a.m.•2 views

TopicAttack: an Indirect Prompt Injection Attack Via Topic Transition

Large language models LLMs have shown remarkable performance across a range of NLP tasks. However, their strong instruction-following capabilities and inability to distinguish instructions from data content make them vulnerable to indirect prompt injection attacks. In such attacks, instructions...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/18 12:0 a.m.•3 views

The CryptoNeo Threat Modelling Framework (CNTMF): Securing Neobanks and Fintech in Integrated Blockchain Ecosystems

The rapid integration of blockchain, cryptocurrency, and Web3 technologies into digital banks and fintech operations has created an integrated environment blending traditional financial systems with decentralised elements. This paper introduces the CryptoNeo Threat Modelling Framework CNTMF, a...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/18 12:0 a.m.•3 views

Kintsugi: Decentralized E2EE Key Recovery

Kintsugi is a protocol for key recovery, allowing a user to regain access to end-to-end encrypted data after they have lost their device, but still have their potentially low-entropy password. Existing E2EE key recovery methods, such as those deployed by Signal and WhatsApp, centralize trust by...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/18 12:0 a.m.•6 views

Breaking the Illusion of Security Via Interpretation: Interpretable Vision Transformer Systems under Attack

Vision transformer ViT models, when coupled with interpretation models, are regarded as secure and challenging to deceive, making them well-suited for security-critical domains such as medical applications, autonomous vehicles, drones, and robotics. However, successful attacks on these systems ca...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/18 12:0 a.m.•4 views

Wireshark Analyzer 4.4.8

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. Thi...

7.8CVSS6.7AI score0.00297EPSS
Exploits1
Packet Storm News
Packet Storm News
•added 2025/07/18 12:0 a.m.•5 views

Quantum Blockchain Survey: Foundations, Trends, and Gaps

Quantum computing poses fundamental risks to classical blockchain systems by undermining widely used cryptographic primitives. In response, two major research directions have emerged: post-quantum blockchains, which integrate quantum-resistant algorithms, and quantum blockchains, which leverage...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/18 12:0 a.m.•4 views

An Adversarial-Driven Experimental Study on Deep Learning for RF Fingerprinting

Radio frequency RF fingerprinting, which extracts unique hardware imperfections of radio devices, has emerged as a promising physical-layer device identification mechanism in zero trust architectures and beyond 5G networks. In particular, deep learning DL methods have demonstrated state-of-the-ar...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/18 12:0 a.m.•3 views

Stablecoins: Fundamentals, Emerging Issues, and Open Challenges

Stablecoins, with a capitalization exceeding 200 billion USD as of January 2025, have shown significant growth, with annual transaction volumes exceeding 10 trillion dollars in 2023 and nearly doubling that figure in 2024. This exceptional success has attracted the attention of traditional...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/18 12:0 a.m.•5 views

Faraday 5.15.1

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/18 12:0 a.m.•4 views

Chain Table: Protecting Table-Level Data Integrity by Digital Ledger Technology

The rise of blockchain and Digital Ledger Technology DLT has gained wide traction. Instead of relying on a traditional centralized data authority, a blockchain system consists of digitally entangled block data shared across a distributed network. The specially designed chain data structure and it...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/18 12:0 a.m.•7 views

Developers Insight on Manifest V3 Privacy and Security Webextensions

Webextensions can improve web browser privacy, security, and user experience. The APIs offered by the browser to webextensions affect possible functionality. Currently, Chrome transitions to a modified set of APIs called Manifest v3. This paper studies the challenges and opportunities of Manifest...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•5 views

Adversarial Attacks to Image Classification Systems Using Evolutionary Algorithms

Image classification currently faces significant security challenges due to adversarial attacks, which consist of intentional alterations designed to deceive classification models based on artificial intelligence. This article explores an approach to generate adversarial attacks against image...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•4 views

IDFace: Face Template Protection for Efficient and Secure Identification

As face recognition systems FRS become more widely used, user privacy becomes more important. A key privacy issue in FRS is protecting the user's face template, as the characteristics of the user's face image can be recovered from the template. Although recent advances in cryptographic tools such...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•3 views

An Investigation of Ear-EEG Signals for a Novel Biometric Authentication System

This work explores the feasibility of biometric authentication using EEG signals acquired through in-ear devices, commonly referred to as ear-EEG. Traditional EEG-based biometric systems, while secure, often suffer from low usability due to cumbersome scalp-based electrode setups. In this study, ...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•4 views

A Bayesian Incentive Mechanism for Poison-Resilient Federated Learning

Federated learning FL enables collaborative model training across decentralized clients while preserving data privacy. However, its open-participation nature exposes it to data-poisoning attacks, in which malicious actors submit corrupted model updates to degrade the global model. Existing defens...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•5 views

Evasion under Blockchain Sanctions

Sanctioning blockchain addresses has become a common regulatory response to malicious activities. However, enforcement on permissionless blockchains remains challenging due to complex transaction flows and sophisticated fund-obfuscation techniques. Using cryptocurrency mixing tool Tornado Cash as...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•4 views

A Crowdsensing Intrusion Detection Dataset for Decentralized Federated Learning Models

This paper introduces a dataset and experimental study for decentralized federated learning DFL applied to IoT crowdsensing malware detection. The dataset comprises behavioral records from benign and eight malware families. A total of 21,582,484 original records were collected from system calls,...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•4 views

Learning-Based Cost-Aware Defense of Parallel Server Systems against Malicious Attacks

We consider the cyber-physical security of parallel server systems, which is relevant for a variety of engineering applications such as networking, manufacturing, and transportation. These systems rely on feedback control and may thus be vulnerable to malicious attacks such as denial-of-service,...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•4 views

Faraday 5.15.0

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•4 views

Expanding ML-Documentation Standards for Better Security

This article presents the current state of ML-security and of the documentation of ML-based systems, models and datasets in research and practice based on an extensive review of the existing literature. It shows a generally low awareness of security aspects among ML-practitioners and organization...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•12 views

Unveiling Usability Challenges in Web Privacy Controls

With the increasing concerns around privacy and the enforcement of data privacy laws, many websites now provide users with privacy controls. However, locating these controls can be challenging, as they are frequently hidden within multiple settings and layers. Moreover, the lack of standardizatio...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•7 views

Jailbreak-Tuning: Models Efficiently Learn Jailbreak Susceptibility

AI systems are rapidly advancing in capability, and frontier model developers broadly acknowledge the need for safeguards against serious misuse. However, this paper demonstrates that fine-tuning, whether via open weights or closed fine-tuning APIs, can produce helpful-only models. In contrast to...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•5 views

A Privacy-Preserving Framework for Advertising Personalization Incorporating Federated Learning and Differential Privacy

To mitigate privacy leakage and performance issues in personalized advertising, this paper proposes a framework that integrates federated learning and differential privacy. The system combines distributed feature extraction, dynamic privacy budget allocation, and robust model aggregation to balan...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•5 views

Toward an Intent-Based and Ontology-Driven Autonomic Security Response in Security Orchestration Automation and Response

Modern Security Orchestration, Automation, and Response SOAR platforms must rapidly adapt to continuously evolving cyber attacks. Intent-Based Networking has emerged as a promising paradigm for cyber attack mitigation through high-level declarative intents, which offer greater flexibility and...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•6 views

Non-Adaptive Adversarial Face Generation

Adversarial attacks on face recognition systems FRSs pose serious security and privacy threats, especially when these systems are used for identity verification. In this paper, we propose a novel method for generating adversarial faces-synthetic facial images that are visually distinct yet...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•6 views

Enterprise Security Incident Analysis and Countermeasures Based on the T-Mobile Data Breach

This paper presents a comprehensive analysis of T-Mobile's critical data breaches in 2021 and 2023, alongside a full-spectrum security audit targeting its systems, infrastructure, and publicly exposed endpoints. By combining case-based vulnerability assessments with active ethical hacking...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•7 views

PHASE: Passive Human Activity Simulation Evaluation

Cybersecurity simulation environments, such as cyber ranges, honeypots, and sandboxes, require realistic human behavior to be effective, yet no quantitative method exists to assess the behavioral fidelity of synthetic user personas. This paper presents PHASE Passive Human Activity Simulation...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•7 views

Backscattering-Based Security in Wireless Power Transfer Applied to Battery-Free BLE Sensors

The integration of security and energy efficiency in Internet of Things systems remains a critical challenge, particularly for battery-free and resource-constrained devices. This paper explores the scalability and protocol-agnostic nature of a backscattering-based security mechanism by integratin...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•10 views

Space Cybersecurity Testbed: Fidelity Framework, Example Implementation, and Characterization

Cyber threats against space infrastructures, including satellites and systems on the ground, have not been adequately understood. Testbeds are important to deepen our understanding and validate space cybersecurity studies. The state of the art is that there are very few studies on building...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•5 views

MAD-Spear: a Conformity-Driven Prompt Injection Attack on Multi-Agent Debate Systems

Multi-agent debate MAD systems leverage collaborative interactions among large language models LLMs agents to improve reasoning capabilities. While recent studies have focused on increasing the accuracy and scalability of MAD systems, their security vulnerabilities have received limited attention...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•1 views

Challenges in GenAI and Authentication: a Scoping Review

Authentication and authenticity have been a security challenge since the beginning of information sharing, especially in the context of digital information. With the advancement of generative artificial intelligence, these challenges have evolved, demanding a more up-to-date analysis of their...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•8 views

Prompt Injection 2.0: Hybrid AI Threats

Prompt injection attacks, where malicious input is designed to manipulate AI systems into ignoring their original instructions and following unauthorized commands instead, were first discovered by Preamble, Inc. in May 2022 and responsibly disclosed to OpenAI. Over the last three years, these...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•5 views

Large Language Models in Cybersecurity: Applications, Vulnerabilities, and Defense Techniques

Large Language Models LLMs are transforming cybersecurity by enabling intelligent, adaptive, and automated approaches to threat detection, vulnerability assessment, and incident response. With their advanced language understanding and contextual reasoning, LLMs surpass traditional methods in...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•4 views

SHIELD: a Secure and Highly Enhanced Integrated Learning for Robust Deepfake Detection against Adversarial Attacks

Audio plays a crucial role in applications like speaker verification, voice-enabled smart devices, and audio conferencing. However, audio manipulations, such as deepfakes, pose significant risks by enabling the spread of misinformation. Our empirical analysis reveals that existing methods for...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•4 views

Exploiting Jailbreaking Vulnerabilities in Generative AI to Bypass Ethical Safeguards for Facilitating Phishing Attacks

The advent of advanced Generative AI GenAI models such as DeepSeek and ChatGPT has significantly reshaped the cybersecurity landscape, introducing both promising opportunities and critical risks. This study investigates how GenAI powered chatbot services can be exploited via jailbreaking techniqu...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•2 views

Using Modular Arithmetic Optimized Neural Networks to Crack Affine Cryptographic Schemes Efficiently

We investigate the cryptanalysis of affine ciphers using a hybrid neural network architecture that combines modular arithmetic-aware and statistical feature-based learning. Inspired by recent advances in interpretable neural networks for modular arithmetic and neural cryptanalysis of classical...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•3 views

libxml2 xmlRegEpxFromParse Integer Overflow / Heap Buffer Overflow

libxml2 suffers from an integer overflow that leads to a heap buffer overflow in xmlRegEpxFromParse...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•5 views

How to Mitigate and Defend against DDoS Attacks in IoT Devices

Distributed Denial of Service DDoS attacks have become increasingly prevalent and dangerous in the context of Internet of Things IoT networks, primarily due to the low-security configurations of many connected devices. This paper analyzes the nature and impact of DDoS attacks such as those launch...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•4 views

A Distributed Generative AI Approach for Heterogeneous Multi-Domain Environments under Data Sharing Constraints

Federated Learning has gained increasing attention for its ability to enable multiple nodes to collaboratively train machine learning models without sharing their raw data. At the same time, Generative AI -- particularly Generative Adversarial Networks GANs -- have achieved remarkable success...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•5 views

From Paranoia to Compliance: the Bumpy Road of System Hardening Practices on Stack Exchange

Hardening computer systems against cyberattacks is crucial for security. However, past incidents illustrated, that many system operators struggle with effective system hardening. Hence, many computer systems and applications remain insecure. So far, the research community lacks an in-depth...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•3 views

Manipulation Attacks by Misaligned AI: Risk Analysis and Safety Case Framework

Frontier AI systems are rapidly advancing in their capabilities to persuade, deceive, and influence human behaviour, with current models already demonstrating human-level persuasion and strategic deception in specific contexts. Humans are often the weakest link in cybersecurity systems, and a...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•5 views

Thought Purity: Defense Paradigm for Chain-Of-Thought Attack

While reinforcement learning-trained Large Reasoning Models LRMs, e.g., Deepseek-R1 demonstrate advanced reasoning capabilities in the evolving Large Language Models LLMs domain, their susceptibility to security threats remains a critical vulnerability. This weakness is particularly evident in...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/17 12:0 a.m.•29 views

Architectural Backdoors in Deep Learning: a Survey of Vulnerabilities, Detection, and Defense

Architectural backdoors pose an under-examined but critical threat to deep neural networks, embedding malicious logic directly into a model's computational graph. Unlike traditional data poisoning or parameter manipulation, architectural backdoors evade standard mitigation techniques and persist...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/16 12:0 a.m.•4 views

gimmePATz - GitHub Personal Access Token (PAT) Recon Tool 1.0.0

gimmePatz is a recon tool for GitHub PATs. Designed for bug bounty hunters, pentesters and red teams. gimmePatz will tell you what scopes a PAT has, and it will tell you what repositories or GitHub Organizations the PAT is attached to as well...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/16 12:0 a.m.•6 views

On the Consideration of Vanity Address Generation Via Identity-Based Signatures

An address is indicated as an identifier of the user on the blockchain, and is defined by a hash value of the ECDSA verification key. A vanity address is an address that embeds custom characters such as a name. To generate a vanity address, a classical try-and-error method is employed, and thus t...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/16 12:0 a.m.•3 views

NodeJS 24.x Path Traversal

Proof of concept exploit for CVE-2025-27210, a precise path traversal vulnerability affecting Node.js applications running on Microsoft Windows. This vulnerability leverages the specific way Windows handles reserved device file names e.g., AUX, CON, NUL when combined with directory traversal...

7.5CVSS7.5AI score0.09752EPSS
Exploits5
Packet Storm News
Packet Storm News
•added 2025/07/16 12:0 a.m.•4 views

GPU-Accelerated Interpretable Generalization for Rapid Cyberattack Detection and Forensics

The Interpretable Generalization IG mechanism recently published in IEEE Transactions on Information Forensics and Security delivers state-of-the-art, evidence-based intrusion detection by discovering coherent normal and attack patterns through exhaustive intersect-and-subset operations-yet its...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/16 12:0 a.m.•1 views

Multi-Granular Discretization for Interpretable Generalization in Precise Cyberattack Identification

Explainable intrusion detection systems IDS are now recognized as essential for mission-critical networks, yet most "XAI" pipelines still bolt an approximate explainer onto an opaque classifier, leaving analysts with partial and sometimes misleading insights. The Interpretable Generalization IG...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/16 12:0 a.m.•6 views

HyDRA: a Hybrid Dual-Mode Network for Closed- and Open-Set RFFI with Optimized VMD

Device recognition is vital for security in wireless communication systems, particularly for applications like access control. Radio Frequency Fingerprint Identification RFFI offers a non-cryptographic solution by exploiting hardware-induced signal distortions. This paper proposes HyDRA, a Hybrid...

7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2025/07/16 12:0 a.m.•3 views

Safeguarding Federated Learning-Based Road Condition Classification

Federated Learning FL has emerged as a promising solution for privacy-preserving autonomous driving, specifically camera-based Road Condition Classification RCC systems, harnessing distributed sensing, computing, and communication resources on board vehicles without sharing sensitive image data...

7.1AI score
Exploits0
Total number of security vulnerabilities6864