Lucene search
+L
PacketstormnewsRecent

6864 matches found

packetstormnews
packetstormnews
•added 2025/07/14 12:0 a.m.•11 views

WordPress WPBookit 1.0.4 Arbitrary File Upload

WordPress WPBookit plugin versions 1.0.4 and below suffer from an arbitrary file upload vulnerability...

9.8CVSS6.9AI score0.05649EPSS
Exploits2
packetstormnews
packetstormnews
•added 2025/07/14 12:0 a.m.•6 views

Questionnaire Mate 2.0

Questionnaire Mate is a cool script that lets you read in a list of questions and uses OpenAI to answer them based on a private knowledge base. Useful for a less informed individual to feed AI audit questions and extract proper answers...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/14 12:0 a.m.•6 views

Access Control for Information-Theoretically Secure Key-Document Stores

This paper presents a novel key-based access control technique for secure outsourcing key-value stores where values correspond to documents that are indexed and accessed using keys...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/14 12:0 a.m.•10 views

MalCodeAI: Autonomous Vulnerability Detection and Remediation Via Language Agnostic Code Reasoning

The growing complexity of cyber threats and the limitations of traditional vulnerability detection tools necessitate novel approaches for securing software systems. We introduce MalCodeAI, a language-agnostic, multi-stage AI pipeline for autonomous code security analysis and remediation. MalCodeA...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/14 12:0 a.m.•6 views

Differentially Private Federated Low Rank Adaptation beyond Fixed-Matrix

Large language models LLMs typically require fine-tuning for domain-specific tasks, and LoRA offers a computationally efficient approach by training low-rank adapters. LoRA is also communication-efficient for federated LLMs when multiple users collaboratively fine-tune a global LLM model without...

6.7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/14 12:0 a.m.•5 views

Secure and Efficient Quantum Signature Scheme Based on the Controlled Unitary Operations Encryption

Quantum digital signatures ensure unforgeable message authenticity and integrity using quantum principles, offering unconditional security against both classical and quantum attacks. They are crucial for secure communication in high-stakes environments, ensuring trust and long-term protection in...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/13 12:0 a.m.•6 views

Several New Classes of Self-Orthogonal Minimal Linear Codes Violating the Ashikhmin-Barg Condition

Whitepaper called Several New Classes Of Self-Orthogonal Minimal Linear Codes Violating The Ashikhmin-Barg Condition...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/13 12:0 a.m.•5 views

Efficient Private Inference Based on Helper-Assisted Malicious Security Dishonest Majority MPC

Private inference based on Secure Multi-Party Computation MPC addresses data privacy risks in Machine Learning as a Service MLaaS. However, existing MPC-based private inference frameworks focuses on semi-honest or honest majority models, whose threat models are overly idealistic, while malicious...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/13 12:0 a.m.•5 views

CAN-Trace Attack: Exploit CAN Messages to Uncover Driving Trajectories

Driving trajectory data remains vulnerable to privacy breaches despite existing mitigation measures. Traditional methods for detecting driving trajectories typically rely on map-matching the path using Global Positioning System GPS data, which is susceptible to GPS data outage. This paper...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/13 12:0 a.m.•6 views

Spectral Feature Extraction for Robust Network Intrusion Detection Using MFCCs

The rapid expansion of Internet of Things IoT networks has led to a surge in security vulnerabilities, emphasizing the critical need for robust anomaly detection and classification techniques. In this work, we propose a novel approach for identifying anomalies in IoT network traffic by leveraging...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/13 12:0 a.m.•5 views

A Mixture of Linear Corrections Generates Secure Code

Large language models LLMs have become proficient at sophisticated code-generation tasks, yet remain ineffective at reliably detecting or avoiding code vulnerabilities. Does this deficiency stem from insufficient learning about code vulnerabilities, or is it merely a result of ineffective...

7.4AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/13 12:0 a.m.•5 views

Secure and Efficient UAV-Based Face Detection Via Homomorphic Encryption and Edge Computing

This paper aims to propose a novel machine learning ML approach incorporating Homomorphic Encryption HE to address privacy limitations in Unmanned Aerial Vehicles UAV-based face detection. Due to challenges related to distance, altitude, and face orientation, high-resolution imagery and...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/13 12:0 a.m.•5 views

AICrypto: a Comprehensive Benchmark for Evaluating Cryptography Capabilities of Large Language Models

Whitepaper called AICrypto: A Comprehensive Benchmark For Evaluating Cryptography Capabilities Of Large Language Models...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/13 12:0 a.m.•8 views

Game Theory Meets LLM and Agentic AI: Reimagining Cybersecurity for the Age of Intelligent Threats

Protecting cyberspace requires not only advanced tools but also a shift in how we reason about threats, trust, and autonomy. Traditional cybersecurity methods rely on manual responses and brittle heuristics. To build proactive and intelligent defense systems, we need integrated theoretical...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/13 12:0 a.m.•4 views

A Login Page Transparency and Visual Similarity Based Zero Day Phishing Defense Protocol

Phishing is a prevalent cyberattack that uses look-alike websites to deceive users into revealing sensitive information. Numerous efforts have been made by the Internet community and security organizations to detect, prevent, or train users to avoid falling victim to phishing attacks. Most of thi...

6.5AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/13 12:0 a.m.•3 views

Endorsement-Driven Blockchain SSI Framework for Dynamic IoT Ecosystems

Self-Sovereign Identity SSI offers significant potential for managing identities in the Internet of Things IoT, enabling decentralized authentication and credential management without reliance on centralized entities. However, existing SSI frameworks often limit credential issuance and revocation...

7.1AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/13 12:0 a.m.•4 views

AdvGrasp: Adversarial Attacks on Robotic Grasping from a Physical Perspective

Adversarial attacks on robotic grasping provide valuable insights into evaluating and improving the robustness of these systems. Unlike studies that focus solely on neural network predictions while overlooking the physical principles of grasping, this paper introduces AdvGrasp, a framework for...

6.7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/13 12:0 a.m.•5 views

EventHunter: Dynamic Clustering and Ranking of Security Events from Hacker Forum Discussions

Hacker forums provide critical early warning signals for emerging cybersecurity threats, but extracting actionable intelligence from their unstructured and noisy content remains a significant challenge. This paper presents an unsupervised framework that automatically detects, clusters, and...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/13 12:0 a.m.•5 views

PromptChain: a Decentralized Web3 Architecture for Managing AI Prompts As Digital Assets

We present PromptChain, a decentralized Web3 architecture that establishes AI prompts as first-class digital assets with verifiable ownership, version control, and monetization capabilities. Current centralized platforms lack mechanisms for proper attribution, quality assurance, or fair...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/13 12:0 a.m.•5 views

Interpreting Differential Privacy in Terms of Disclosure Risk

As the use of differential privacy DP becomes widespread, the development of effective tools for reasoning about the privacy guarantee becomes increasingly critical. In pursuit of this goal, we demonstrate novel relationships between DP and measures of statistical disclosure risk. We suggest how...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/13 12:0 a.m.•23 views

LaSM: Layer-Wise Scaling Mechanism for Defending Pop-Up Attack on GUI Agents

Graphical user interface GUI agents built on multimodal large language models MLLMs have recently demonstrated strong decision-making abilities in screen-based interaction tasks. However, they remain highly vulnerable to pop-up-based environmental injection attacks, where malicious visual element...

7.2AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/12 12:0 a.m.•6 views

LLMalMorph: on the Feasibility of Generating Variant Malware Using Large-Language-Models

Large Language Models LLMs have transformed software development and automated code generation. Motivated by these advancements, this paper explores the feasibility of LLMs in modifying malware source code to generate variants. We introduce LLMalMorph, a semi-automated framework that leverages...

6.7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/12 12:0 a.m.•5 views

Implementing and Evaluating Post-Quantum DNSSEC in CoreDNS

The emergence of quantum computers poses a significant threat to current secure service, application and/or protocol implementations that rely on RSA and ECDSA algorithms, for instance DNSSEC, because public-key cryptography based on number factorization or discrete logarithm is vulnerable to...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/12 12:0 a.m.•6 views

User-To-PC Authentication through Confirmation on Mobile Devices: on Usability and Performance

Protecting personal computers PCs from unauthorized access typically relies on password authentication, which is know to suffer from cognitive burden and weak credentials. As many users nowadays carry mobile devices with advanced security features throughout their day, there is an opportunity to...

7.2AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/12 12:0 a.m.•5 views

Backscatter Device-Aided Integrated Sensing and Communication: a Pareto Optimization Framework

Integrated sensing and communication ISAC systems potentially encounter significant performance degradation in densely obstructed urban and non-line-of-sight scenarios, thus limiting their effectiveness in practical deployments. To deal with these challenges, this paper proposes a backscatter...

6.7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/12 12:0 a.m.•6 views

Securing Transformer-Based AI Execution Via Unified TEEs and Crypto-Protected Accelerators

Recent advances in Transformer models, e.g., large language models LLMs, have brought tremendous breakthroughs in various artificial intelligence AI tasks, leading to their wide applications in many security-critical domains. Due to their unprecedented scale and prohibitively high development cos...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/12 12:0 a.m.•5 views

Hybrid Quantum Security for IPsec

Quantum Key Distribution QKD offers information-theoretic security against quantum computing threats, but integrating QKD into existing security protocols remains an unsolved challenge due to fundamental mismatches between pre-distributed quantum keys and computational key exchange paradigms. Thi...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/12 12:0 a.m.•8 views

CLIProv: a Contrastive Log-To-Intelligence Multimodal Approach for Threat Detection and Provenance Analysis

With the increasing complexity of cyberattacks, the proactive and forward-looking nature of threat intelligence has become more crucial for threat detection and provenance analysis. However, translating high-level attack patterns described in Tactics, Techniques, and Procedures TTP intelligence...

6.5AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/12 12:0 a.m.•3 views

SmartphoneDemocracy: Privacy-Preserving E-Voting on Decentralized Infrastructure Using Novel European Identity

The digitization of democratic processes promises greater accessibility but presents challenges in terms of security, privacy, and verifiability. Existing electronic voting systems often rely on centralized architectures, creating single points of failure and forcing too much trust in authorities...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/12 12:0 a.m.•5 views

Confidential Wrapped Ethereum

Transparency is one of the key benefits of public blockchains. However, the public visibility of transactions potentially compromises users' privacy. The fundamental challenge is to balance the intrinsic benefits of blockchain openness with the vital need for individual confidentiality. The...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/12 12:0 a.m.•6 views

LLM-Stackelberg Games: Conjectural Reasoning Equilibria and Their Applications to Spearphishing

We introduce the framework of LLM-Stackelberg games, a class of sequential decision-making models that integrate large language models LLMs into strategic interactions between a leader and a follower. Departing from classical Stackelberg assumptions of complete information and rational agents, ou...

6.7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/12 12:0 a.m.•4 views

Demo: Secure Edge Server for Network Slicing and Resource Allocation in Open RAN

Next-Generation Radio Access Networks NGRAN aim to support diverse vertical applications with strict security, latency, and Service-Level Agreement SLA requirements. These demands introduce challenges in securing the infrastructure, allocating resources dynamically, and enabling real-time...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/12 12:0 a.m.•6 views

When Developer Aid Becomes Security Debt: a Systematic Analysis of Insecure Behaviors in LLM Coding Agents

LLM-based coding agents are rapidly being deployed in software development, yet their security implications remain poorly understood. These agents, while capable of accelerating software development, may inadvertently introduce insecure practices. We conducted the first systematic security...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/11 12:0 a.m.•7 views

Favicon Trojans: Executable Steganography Via Ico Alpha Channel Exploitation

This paper presents a novel method of executable steganography using the alpha transparency layer of ICO image files to embed and deliver self-decompressing JavaScript payloads within web browsers. By targeting the least significant bit LSB of non-transparent alpha layer image values, the propose...

7.4AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/11 12:0 a.m.•3 views

Breaking a 5-Bit Elliptic Curve Key Using a 133-Qubit Quantum Computer

This experiment breaks a 5-bit elliptic curve cryptographic key using a Shor-style quantum attack. Executed on IBM's 133-qubit ibmtorino with Qiskit Runtime 2.0, a 15-qubit circuit, comprised of 10 logical qubits and 5 ancilla, interferes over an order-32 elliptic curve subgroup to extract the...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/11 12:0 a.m.•7 views

ARPaCCino: an Agentic-RAG for Policy As Code Compliance

Policy as Code PaC is a paradigm that encodes security and compliance policies into machine-readable formats, enabling automated enforcement in Infrastructure as Code IaC environments. However, its adoption is hindered by the complexity of policy languages and the risk of misconfigurations. In th...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/11 12:0 a.m.•5 views

When and Where Do Data Poisons Attack Textual Inversion?

Poisoning attacks pose significant challenges to the robustness of diffusion models DMs. In this paper, we systematically analyze when and where poisoning attacks textual inversion TI, a widely used personalization technique for DMs. We first introduce Semantic Sensitivity Maps, a novel method fo...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/11 12:0 a.m.•24 views

SSH-Passkeys: Leveraging Web Authentication for Passwordless SSH

We propose a method for using Web Authentication APIs for SSH authentication, enabling passwordless remote server login with passkeys. These are credentials that are managed throughout the key lifecycle by an authenticator on behalf of the user and offer strong security guarantees. Passwords rema...

7.4AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/11 12:0 a.m.•6 views

FortiWeb SQL Injection / Remote Code Execution

This script attempts to detect if FortiWeb is vulnerable to CVE-2025-25257, a SQL injection vulnerability that can be leveraged for remote code execution...

9.8CVSS9AI score0.9671EPSS
Exploits18
packetstormnews
packetstormnews
•added 2025/07/11 12:0 a.m.•5 views

Entangled Threats: a Unified Kill Chain Model for Quantum Machine Learning Security

Quantum Machine Learning QML systems inherit vulnerabilities from classical machine learning while introducing new attack surfaces rooted in the physical and algorithmic layers of quantum computing. Despite a growing body of research on individual attack vectors - ranging from adversarial poisoni...

6.7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/11 12:0 a.m.•2 views

ADAPT: a Pseudo-Labeling Approach to Combat Concept Drift in Malware Detection

Whitepaper called ADAPT: A Pseudo-Labeling Approach To Combat Concept Drift In Malware Detection...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/11 12:0 a.m.•4 views

Characterizing Security and Privacy Teaching Standards for Schools in the United States

Increasingly, students begin learning aspects of security and privacy during their primary and secondary education grades K-12 in the United States. Individual U.S. states and some national organizations publish teaching standards -- guidance that outlines expectations for what students should...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/11 12:0 a.m.•4 views

Qualcomm Trusted Application Emulation for Fuzzing Testing

In recent years, the increasing awareness of cybersecurity has led to a heightened focus on information security within hardware devices and products. Incorporating Trusted Execution Environments TEEs into product designs has become a standard practice for safeguarding sensitive user information...

6.5AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/11 12:0 a.m.•5 views

Evaluating Post-Quantum Cryptographic Algorithms on Resource-Constrained Devices

Whitepaper called Evaluating Post-Quantum Cryptographic Algorithms On Resource-Constrained Devices...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/11 12:0 a.m.•5 views

CovertAuth: Joint Covert Communication and Authentication in MmWave Systems

Beam alignment BA is a crucial process in millimeter-wave mmWave communications, enabling precise directional transmission and efficient link establishment. However, due to characteristics like omnidirectional exposure and the broadcast nature of the BA phase, it is particularly vulnerable to...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/11 12:0 a.m.•4 views

MH-FSF: a Unified Framework for Overcoming Benchmarking and Reproducibility Limitations in Feature Selection Evaluation

Feature selection is vital for building effective predictive models, as it reduces dimensionality and emphasizes key features. However, current research often suffers from limited benchmarking and reliance on proprietary datasets. This severely hinders reproducibility and can negatively impact...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/11 12:0 a.m.•3 views

The Dark Side of LLMs Agent-Based Attacks for Complete Computer Takeover

The rapid adoption of Large Language Model LLM agents and multi-agent systems enables unprecedented capabilities in natural language processing and generation. However, these systems have introduced unprecedented security vulnerabilities that extend beyond traditional prompt injection attacks. Th...

7.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/11 12:0 a.m.•3 views

Exploiting Leaderboards for Large-Scale Distribution of Malicious Models

While poisoning attacks on machine learning models have been extensively studied, the mechanisms by which adversaries can distribute poisoned models at scale remain largely unexplored. In this paper, we shed light on how model leaderboards -- ranked platforms for model discovery and evaluation --...

7.4AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/11 12:0 a.m.•6 views

White-Basilisk: a Hybrid Model for Code Vulnerability Detection

The proliferation of software vulnerabilities presents a significant challenge to cybersecurity, necessitating more effective detection methodologies. We introduce White-Basilisk, a novel approach to vulnerability detection that demonstrates superior performance while challenging prevailing...

7.2AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/11 12:0 a.m.•5 views

Quantum-Resilient Privacy Ledger (QRPL): a Sovereign Digital Currency for the Post-Quantum Era

The emergence of quantum computing presents profound challenges to existing cryptographic infrastructures, whilst the development of central bank digital currencies CBDCs has raised concerns regarding privacy preservation and excessive centralisation in digital payment systems. This paper propose...

6.9AI score
Exploits0
Total number of security vulnerabilities6864