Lucene search
K
PacketstormnewsRecent

6819 matches found

Packet Storm News
Packet Storm News
added 2026/06/14 12:0 a.m.11 views

MASCOT-Android: A Curated Dataset and Automated Collection Pipeline for Android Malware Source Code Specimens

Compared with binaries and decompiled code, malware source code more directly reflects the attackers' original intent. However, the scarcity of source code and the high cost of manual review make such datasets difficult to build and maintain. We propose MASCOT-Android, a curated dataset of Androi...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/14 12:0 a.m.21 views

Binary Decompilation LLM with Feedback-Driven Multi-Turn Refinement

Binary decompilation is fundamental to security tasks such as vulnerability discovery, malware inspection, and executable-only program understanding. Recent LLM-based decompilation methods have shown promising results, but most still follow a single-turn generation paradigm: given assembly code o...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/14 12:0 a.m.19 views

Obliv-Clang: Real-World Oblivious Programming in C++

Side-channel vulnerabilities, particularly timing and access-pattern-based attacks, have become critical issues for confidential data processing in trusted environments. Oblivious programming is an effective approach to alleviate these attacks by making program execution not leak any secret throu...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/14 12:0 a.m.12 views

AttackonCTF: Defending Hardware Security Competition Benchmarks in the Age of LLMs

Hardware security competitions such as HackTheSilicon serve as benchmarking platforms for evaluating vulnerability detection methods and for training humans and AI. However, our study reveals that LLMs threaten their validity. Instead of genuine security reasoning, detectors exploit a diff-style...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/13 12:0 a.m.10 views

The Audit Gap in Blockchain Security: A Four-Year Empirical Study of Public Audit Findings and Real-World Exploit Incidents

This paper presents an empirical analysis of the Web3 security landscape over the four-year and three-month period from 1 January 2022 to 27 March 2026. The dataset combines 23,818 public audit findings produced by 22 independent security firms with 218 real-world exploit incidents documented by...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/13 12:0 a.m.9 views

Data-Centric Benchmarking of Exploit Generation in LLMs: Understanding the Impact of Fine-Tuning

We study the task of CVE-conditioned exploit generation, where a model drafts proof-of-concept PoC exploits given software vulnerability context. We adopt a data-centric approach, constructing a high-quality dataset via multi-stage preprocessing and introducing a scalable evaluation framework wit...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/13 12:0 a.m.28 views

LLM: LSTM Look-Ahead Moving Target Defense Based on Historical Malicious Scan

Network scanning is a critical preliminary step for most adversaries to gain essential information before launching cyber attacks. Moving Target Defense MTD based on IP shuffling has emerged as a proactive defense strategy to counteract these reconnaissance efforts. Unlike static, reactive defens...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.9 views

HTTP/2 Exposure Auditor

The script safely evaluates HTTP/2 exposure by negotiating ALPN, initiating a minimal HTTP/2 session, collecting server SETTINGS frames, and identifying potentially permissive protocol configurations. It avoids stream amplification, flooding behavior, connection fan-out, and sustained resource...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.23 views

Evaluating LLMs for Obfuscation Detection and Classification in Android Apps

Android applications apps developers increasingly rely on code obfuscation techniques to hinder reverse engineering and protect intellectual property. However, obfuscation also reduces the effectiveness of static analysis and vulnerability detection tools, creating challenges for Android security...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.30 views

Detecting Bot Detection: Prevalence, Techniques, and Implications for Web Measurement Research

Browser automation frameworks are essential tools for security and privacy research on the web, yet bot detection scripts increasingly probe their artifacts, threatening measurement validity as automated browsers may be blocked or served different content. Prior work measures detection deployment...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.9 views

Investigating Metamorphic Fuzz Oracle Enhancement Via Large Language Models

Fuzz drivers are essential components of greybox fuzzing, as they encapsulate target interfaces, define test spaces, and largely determine fuzzing effectiveness. Existing fuzz drivers typically rely on crash-based oracles for security testing, overlooking library functionality and limiting bug...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.9 views

Palo Alto GlobalProtect TLS Posture Scanner

This Metasploit auxiliary module is structured as a defensive assessment tool focused on TLS posture analysis and service identification for GlobalProtect deployments...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.11 views

FreeType Automated Font Corpus Scanner

This Python framework implements a structured font-analysis pipeline for large-scale robustness testing of FreeType font parsing behavior...

5.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.20 views

Breaking TinyML: Why Quantized Neural Networks Need Domain-Specific Security Analysis

Most TinyML hardware accelerators focus on supporting Quantized Neural Networks QNNs to meet stringent constraints on power consumption and size. Despite this, the security aspects of quantization within TinyML hardware remain largely unexplored. Although previous studies indicate that QNNs...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.9 views

Security Engineering of OpenClaw: Analyzing Attack Surface Expansion and Trust-Boundary Violations

Agentic large language model LLM systems can now execute actions, not only produce text. When model outputs trigger privileged operations such as shell commands, browser automation, or external tool calls, the security problem shifts from alignment alone to system configuration and structural...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.7 views

Security Threats and Their Impact on Blockchain Interoperability: Identification and Countermeasures

Blockchain interoperability enables independent blockchain systems to communicate and exchange assets across heterogeneous networks. However, the lack of comprehensive security mechanisms remains a critical weakness -- one that attackers have already exploited to cause hundreds of millions of...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.9 views

FreeType Contour Boundary Validation Utility

This is a FreeType contour boundary validation utility for detecting indexing and integer-limit risks. It implements a validation routine for detecting unsafe contour metadata conditions by evaluating contour counts and index boundaries against expected limits...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.19 views

Giving AI a Headache: Acoustic Adversarial Attacks to Computer Vision Applications

Artificial Intelligence AI is increasingly used to automate a variety of real-world computer vision CV applications, such as autonomous vehicle control, facial recognition, and security cameras. Recent research has shown that acoustic vibration can induce real physical motion in cameras,...

5.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.26 views

FortiSandbox Endpoint Validation Tool

This Python script is a utility designed to evaluate the exposure and configuration state of a FortiSandbox deployment through publicly reachable management endpoints...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.9 views

Joern 4.0.557

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.9 views

FreeType Experimental TrueType Glyph Construction

This Python code outlines an experimental framework for constructing synthetic TrueType font structures intended for studying parser behavior, glyph-processing logic, and edge-case handling within font-rendering pipelines...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.15 views

Security in a Workflow: Exploring Role-Based Agentic Architectures for Vulnerability Handling

Secure software engineering in practice is a multi-stage workflow involving vulnerability analysis, remediation, and fix verification. However, current LLM-based software security approaches often focus on isolated tasks such as detection or patch generation, with limited attention to agentic...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.20 views

Ultra-Broadband Anti-Jamming Communication Via a Rydberg Atomic Receiver

Ultra-broadband anti-jamming communication represents a promising approach to secure and robust information transfer through spread-spectrum techniques, effectively combatting malicious interference and eavesdropping. Rydberg atoms, enhanced by waveguide coupling, facilitate ultra-broadband...

5.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.16 views

WatchGuard FireboxV LDAP Race Condition

WatchGuard FireboxV with firmware version 12.11.6 Build B728370 suffers from a race condition in rscryptosetupldapserver libpkicli.so that allows two concurrently-processed IKEv1 Aggressive Mode packets to trigger a double-free and use-after-Free on the global LDAP connection handle. The research...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.9 views

Falco 0.44.1

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.6 views

The Emergence of Autonomous Penetration Capabilities in Large Language Model-Powered AI Systems

Nowadays, the autonomous execution of cyberattacks capable of causing substantial real-world harm is widely regarded as one of the critical red lines that frontier AI systems must not cross. Within this broader red-line scenario, autonomous penetration represents a core enabling capability and...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.19 views

DNGBehaviorAnalyzer Telemetry-Based DNG/TIFF Metadata Parser and Anomaly Detection

This Python script provides a telemetry-driven analysis framework for inspecting Digital Negative DNG files through low-level TIFF metadata parsing and runtime event logging. The tool reads and validates TIFF headers, traverses Image File Directory IFD entries, and records parser activity using...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.23 views

Safety-Contract Graph Multi-Agent Reinforcement Learning for Autonomous Network Security Response

Autonomous network-security response systems promise to reduce Security Operations Centre SOC reaction latency, but reward-only multi-agent reinforcement learning MARL can improve security reward while remaining non-deployable. We present a safety-contract graph MARL framework and instantiate it ...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.12 views

ASN.1-Compliant CLDAP Validator

This Metasploit module implements a production-grade CLDAP LDAP over UDP validator that strictly follows ASN.1 BER encoding rules. It builds compliant LDAP search requests for Netlogon verification using carefully structured BER encoders for integers, strings, sequences, and filters. It can be us...

9.8CVSS5.3AI score0.72253EPSS
Exploits32
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.20 views

Crypto X AI, AI X Crypto: A Survey

The intersection of crypto x AI is spawning papers, products, online posts, and companies. All the surrounding buzz, though, obscures what exactly has been done, what the opportunities and challenges are, and what open questions deserve attention. This survey paper asks what AI can do for...

5.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.12 views

LNTest: A Testbed for Evaluating Bitcoin Lightning Network-Based Botnets

Bitcoin's Lightning Network LN can be exploited as a covert, low-cost command-and-control C&C channel for botnets, as demonstrated by the LNBot and D-LNBot designs. However, both remain proof-of-concept prototypes evaluated only through simulation, leaving key questions about real-world topology...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.23 views

Information Flow Paths from RTL Traces

Security validation is an important yet challenging part of the hardware design process, yet, by convention, validation engineers are tasked with defining the threat model, specifying the relevant security properties, detecting any violations of those properties, and assessing the consequences to...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.21 views

Pseudonym Scheme Based on Hybrid Certificates for Security Credential Management System in Vehicular Communications

In recent years, the Institute of Electrical and Electronics Engineers IEEE and the European Telecommunications Standards Institute ETSI have developed a series of security communication standards for vehicular communications. These standards include mechanisms such as the Security Credential...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.13 views

Chatwoot Scanner

This is a security assessment tool designed to evaluate authentication status, response behavior, and possible exposure indicators in Chatwoot conversation filtering functionality...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.10 views

Side-Channel Attacks Bypass Protection in 3D Printers

Active Motor Noise Cancellation AMNC ships in commercial fused deposition modeling FDM 3D printers as a hardware countermeasure against acoustic side-channel attacks that target intellectual property IP. We present the first empirical evaluation of a deployed AMNC countermeasure, using a public...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.13 views

VS Code Extension Persistence

This Metasploit module installs a malicious VS Code extension into the target's VS Code extensions directory. The extension executes the payload each time VS Code is launched, providing persistent code execution. Supports VS Code, VS Code Insiders, VSCodium, VS Code Server, and Cursor. Tested...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.20 views

ViPER: Vision-Based Packing-Aware Encoder for Robust Malware Detection

Visualization-based malware detection maps raw binary bytes to grayscale images and applies learned visual classifiers, providing an evasion-resistant and disassembly-free alternative to conventional analysis pipelines. However, executable packing remains a critical failure mode: packed binaries...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.26 views

DIG: Oracle-Guided Directed Input Generation for One-Day Vulnerabilities

One-day vulnerabilities pose significant risks due to delayed or incomplete patch adoption. Generating proof-of-concept PoC inputs is therefore essential for assessing real-world impact. The key challenge is identifying necessary constraints for triggering the vulnerability and solving them...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.14 views

Craft CMS Authorization and Migration Endpoint Exposure Tool

This is an assessment utility designed to evaluate potential exposure related to authorization handling and migration endpoint accessibility in Craft CMS deployments...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.33 views

DNGInspector Structural Analyzer for DNG/TIFF Metadata and IFD Anomaly Detection

This Python script implements a static inspection tool for Digital Negative DNG files by parsing the TIFF-based header and analyzing Image File Directory IFD entries for structural anomalies. The tool validates basic header fields, traverses IFD records, and flags suspicious metadata patterns suc...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.17 views

MAStrike: Shapley-Guided Collusive Red-Teaming on Multi-Agent Systems

Hierarchical multi-agent systems MAS are rapidly being deployed in high-stakes workflows across domains such as finance and software engineering. In these systems, safety and security are inherently distributed across role-specialized agents, significantly expanding the attack surface, particular...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.18 views

RTL-Arrow: Hardware-To-Cloud Bridge

Hardware Security at Willamette is a Willamette University affiliated research group studying the hardware-software interface of security critical services. Within our program, we noticed many researchers spent considerable development time learning to understand and manually parse...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.18 views

Defending the Core: A Centrality-Based Protection Strategy for Supply Chain Security in Npm Dependency Network

The modern software supply chain, taking Node Package Manager npm dependency network for example, relies heavily on shared open-source dependencies. While this promotes rapid development, it introduces systemic vulnerabilities as well. Concerning this potential risk, we analyze the npm dependency...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.23 views

DNG Generator for Floating-Point Edge Cases and Image Processing Robustness Testing

This C program implements an experimental TIFF/DNG file generator intended for studying how image-processing pipelines respond to unusual metadata combinations and extreme floating-point conditions...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.10 views

Joern 4.0.556

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.8 views

ngxray Vulnerability Scanner

ngxray is a static vulnerability scanner for nginx configurations. It parses configs with nginx's own tokenizer and matches against declarative JSON rules to detect known CVEs in rewrite/script engine directive patterns...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.11 views

FortiSandbox Exposure Scanner

This Metasploit auxiliary scanner module performs passive exposure assessment of FortiSandbox deployments by identifying platform fingerprints, collecting publicly accessible version metadata, and evaluating API exposure levels without using exploit functionality. The module validates whether a...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.36 views

Font Generator for Embedded Bitmap and Color Glyph Pipeline Robustness Testing

This Python program constructs a handcrafted TrueType font file that combines multiple font subsystems - including embedded bitmap tables, color glyph definitions, glyph mapping structures, and minimal layout metadata - into a single synthetic test artifact...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.27 views

SEVRA-BENCH: Social Engineering of Vulnerabilities in Review Agents

Large language model LLM reviewers are increasingly used in pull-request PR workflows, where their approvals help decide which code is merged into a repository. This raises a question that benchmarks for static vulnerability detection or code generation do not address: can an automated reviewer...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.10 views

ACPM Concurrent Transfer Stress Tester for Channel Synchronization Validation

This C program is a multi-threaded concurrency reproducer intended to stress-test concurrent invocations of acpmdoxfer against the same ACPM channel in order to observe synchronization behavior, race conditions, error handling, and driver stability under contention...

5.5AI score
Exploits0
Total number of security vulnerabilities6819