Lucene search
K
PacketstormnewsRecent

6803 matches found

Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.19 views

Breaking TinyML: Why Quantized Neural Networks Need Domain-Specific Security Analysis

Most TinyML hardware accelerators focus on supporting Quantized Neural Networks QNNs to meet stringent constraints on power consumption and size. Despite this, the security aspects of quantization within TinyML hardware remain largely unexplored. Although previous studies indicate that QNNs...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.7 views

Security Threats and Their Impact on Blockchain Interoperability: Identification and Countermeasures

Blockchain interoperability enables independent blockchain systems to communicate and exchange assets across heterogeneous networks. However, the lack of comprehensive security mechanisms remains a critical weakness -- one that attackers have already exploited to cause hundreds of millions of...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.12 views

Security in a Workflow: Exploring Role-Based Agentic Architectures for Vulnerability Handling

Secure software engineering in practice is a multi-stage workflow involving vulnerability analysis, remediation, and fix verification. However, current LLM-based software security approaches often focus on isolated tasks such as detection or patch generation, with limited attention to agentic...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.19 views

Ultra-Broadband Anti-Jamming Communication Via a Rydberg Atomic Receiver

Ultra-broadband anti-jamming communication represents a promising approach to secure and robust information transfer through spread-spectrum techniques, effectively combatting malicious interference and eavesdropping. Rydberg atoms, enhanced by waveguide coupling, facilitate ultra-broadband...

5.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.9 views

FreeType Experimental TrueType Glyph Construction

This Python code outlines an experimental framework for constructing synthetic TrueType font structures intended for studying parser behavior, glyph-processing logic, and edge-case handling within font-rendering pipelines...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.23 views

Evaluating LLMs for Obfuscation Detection and Classification in Android Apps

Android applications apps developers increasingly rely on code obfuscation techniques to hinder reverse engineering and protect intellectual property. However, obfuscation also reduces the effectiveness of static analysis and vulnerability detection tools, creating challenges for Android security...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/12 12:0 a.m.30 views

Detecting Bot Detection: Prevalence, Techniques, and Implications for Web Measurement Research

Browser automation frameworks are essential tools for security and privacy research on the web, yet bot detection scripts increasingly probe their artifacts, threatening measurement validity as automated browsers may be blocked or served different content. Prior work measures detection deployment...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.25 views

SEVRA-BENCH: Social Engineering of Vulnerabilities in Review Agents

Large language model LLM reviewers are increasingly used in pull-request PR workflows, where their approvals help decide which code is merged into a repository. This raises a question that benchmarks for static vulnerability detection or code generation do not address: can an automated reviewer...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.22 views

Information Flow Paths from RTL Traces

Security validation is an important yet challenging part of the hardware design process, yet, by convention, validation engineers are tasked with defining the threat model, specifying the relevant security properties, detecting any violations of those properties, and assessing the consequences to...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.20 views

Pseudonym Scheme Based on Hybrid Certificates for Security Credential Management System in Vehicular Communications

In recent years, the Institute of Electrical and Electronics Engineers IEEE and the European Telecommunications Standards Institute ETSI have developed a series of security communication standards for vehicular communications. These standards include mechanisms such as the Security Credential...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.14 views

Craft CMS Authorization and Migration Endpoint Exposure Tool

This is an assessment utility designed to evaluate potential exposure related to authorization handling and migration endpoint accessibility in Craft CMS deployments...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.16 views

WatchGuard FireboxV LDAP Race Condition

WatchGuard FireboxV with firmware version 12.11.6 Build B728370 suffers from a race condition in rscryptosetupldapserver libpkicli.so that allows two concurrently-processed IKEv1 Aggressive Mode packets to trigger a double-free and use-after-Free on the global LDAP connection handle. The research...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.11 views

LNTest: A Testbed for Evaluating Bitcoin Lightning Network-Based Botnets

Bitcoin's Lightning Network LN can be exploited as a covert, low-cost command-and-control C&C channel for botnets, as demonstrated by the LNBot and D-LNBot designs. However, both remain proof-of-concept prototypes evaluated only through simulation, leaving key questions about real-world topology...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.9 views

Falco 0.44.1

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.7 views

ngxray Vulnerability Scanner

ngxray is a static vulnerability scanner for nginx configurations. It parses configs with nginx's own tokenizer and matches against declarative JSON rules to detect known CVEs in rewrite/script engine directive patterns...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.19 views

ViPER: Vision-Based Packing-Aware Encoder for Robust Malware Detection

Visualization-based malware detection maps raw binary bytes to grayscale images and applies learned visual classifiers, providing an evasion-resistant and disassembly-free alternative to conventional analysis pipelines. However, executable packing remains a critical failure mode: packed binaries...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.35 views

Font Generator for Embedded Bitmap and Color Glyph Pipeline Robustness Testing

This Python program constructs a handcrafted TrueType font file that combines multiple font subsystems - including embedded bitmap tables, color glyph definitions, glyph mapping structures, and minimal layout metadata - into a single synthetic test artifact...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.12 views

ASN.1-Compliant CLDAP Validator

This Metasploit module implements a production-grade CLDAP LDAP over UDP validator that strictly follows ASN.1 BER encoding rules. It builds compliant LDAP search requests for Netlogon verification using carefully structured BER encoders for integers, strings, sequences, and filters. It can be us...

9.8CVSS5.3AI score0.72253EPSS
Exploits32
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.16 views

Defending the Core: A Centrality-Based Protection Strategy for Supply Chain Security in Npm Dependency Network

The modern software supply chain, taking Node Package Manager npm dependency network for example, relies heavily on shared open-source dependencies. While this promotes rapid development, it introduces systemic vulnerabilities as well. Concerning this potential risk, we analyze the npm dependency...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.18 views

Crypto X AI, AI X Crypto: A Survey

The intersection of crypto x AI is spawning papers, products, online posts, and companies. All the surrounding buzz, though, obscures what exactly has been done, what the opportunities and challenges are, and what open questions deserve attention. This survey paper asks what AI can do for...

5.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.13 views

Chatwoot Scanner

This is a security assessment tool designed to evaluate authentication status, response behavior, and possible exposure indicators in Chatwoot conversation filtering functionality...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.10 views

Side-Channel Attacks Bypass Protection in 3D Printers

Active Motor Noise Cancellation AMNC ships in commercial fused deposition modeling FDM 3D printers as a hardware countermeasure against acoustic side-channel attacks that target intellectual property IP. We present the first empirical evaluation of a deployed AMNC countermeasure, using a public...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.21 views

DIG: Oracle-Guided Directed Input Generation for One-Day Vulnerabilities

One-day vulnerabilities pose significant risks due to delayed or incomplete patch adoption. Generating proof-of-concept PoC inputs is therefore essential for assessing real-world impact. The key challenge is identifying necessary constraints for triggering the vulnerability and solving them...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.13 views

VS Code Extension Persistence

This Metasploit module installs a malicious VS Code extension into the target's VS Code extensions directory. The extension executes the payload each time VS Code is launched, providing persistent code execution. Supports VS Code, VS Code Insiders, VSCodium, VS Code Server, and Cursor. Tested...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.11 views

FortiSandbox Exposure Scanner

This Metasploit auxiliary scanner module performs passive exposure assessment of FortiSandbox deployments by identifying platform fingerprints, collecting publicly accessible version metadata, and evaluating API exposure levels without using exploit functionality. The module validates whether a...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.16 views

RTL-Arrow: Hardware-To-Cloud Bridge

Hardware Security at Willamette is a Willamette University affiliated research group studying the hardware-software interface of security critical services. Within our program, we noticed many researchers spent considerable development time learning to understand and manually parse...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.33 views

DNGInspector Structural Analyzer for DNG/TIFF Metadata and IFD Anomaly Detection

This Python script implements a static inspection tool for Digital Negative DNG files by parsing the TIFF-based header and analyzing Image File Directory IFD entries for structural anomalies. The tool validates basic header fields, traverses IFD records, and flags suspicious metadata patterns suc...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.23 views

DNG Generator for Floating-Point Edge Cases and Image Processing Robustness Testing

This C program implements an experimental TIFF/DNG file generator intended for studying how image-processing pipelines respond to unusual metadata combinations and extreme floating-point conditions...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.10 views

Joern 4.0.556

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.12 views

MAStrike: Shapley-Guided Collusive Red-Teaming on Multi-Agent Systems

Hierarchical multi-agent systems MAS are rapidly being deployed in high-stakes workflows across domains such as finance and software engineering. In these systems, safety and security are inherently distributed across role-specialized agents, significantly expanding the attack surface, particular...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.6 views

The Emergence of Autonomous Penetration Capabilities in Large Language Model-Powered AI Systems

Nowadays, the autonomous execution of cyberattacks capable of causing substantial real-world harm is widely regarded as one of the critical red lines that frontier AI systems must not cross. Within this broader red-line scenario, autonomous penetration represents a core enabling capability and...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.19 views

DNGBehaviorAnalyzer Telemetry-Based DNG/TIFF Metadata Parser and Anomaly Detection

This Python script provides a telemetry-driven analysis framework for inspecting Digital Negative DNG files through low-level TIFF metadata parsing and runtime event logging. The tool reads and validates TIFF headers, traverses Image File Directory IFD entries, and records parser activity using...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.23 views

Safety-Contract Graph Multi-Agent Reinforcement Learning for Autonomous Network Security Response

Autonomous network-security response systems promise to reduce Security Operations Centre SOC reaction latency, but reward-only multi-agent reinforcement learning MARL can improve security reward while remaining non-deployable. We present a safety-contract graph MARL framework and instantiate it ...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.10 views

ACPM Concurrent Transfer Stress Tester for Channel Synchronization Validation

This C program is a multi-threaded concurrency reproducer intended to stress-test concurrent invocations of acpmdoxfer against the same ACPM channel in order to observe synchronization behavior, race conditions, error handling, and driver stability under contention...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.12 views

ClickFix HTML Static Detector

This script is a lightweight static analysis tool designed to identify HTML pages that exhibit patterns commonly associated with ClickFix-style social engineering campaigns...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.9 views

Android Wireless ADB Wireless Port Checker Flipper Zero GUI Application

This program is a Flipper Zero application that checks whether the Android Debug Bridge ADB wireless debugging port 5555 is open on a specified IP address. It integrates with the Flipper GUI system to display results directly on the device screen...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.9 views

ClickFix Server Web-Based Social Engineering Delivery Browser Update Prompts

This Python program implements a web server that delivers browser-themed pages designed to instruct visitors to manually execute commands through operating system interfaces such as run dialogs or shell launchers...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.11 views

Cloud Files Security Review Tool

This code performs a defensive security assessment of Windows systems by reviewing configuration elements associated with Cloud Files components, environment manipulation opportunities, temporary file exposure, and Windows Error Reporting artifacts...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.12 views

Bridging the Smart City Cybersecurity Data Gap through AI-Driven Synthetic Dataset Generation

Smart cities rely on interconnected cyber-physical systems that integrate sensors, IoT devices, cloud platforms, and AI-driven services and decision-making. While these systems enhance city services, they also introduce complex cybersecurity challenges due to their large attack surfaces,...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.9 views

Categorical Robustness Assessment for Machine Learning Based Network Intrusion Detection Systems

Network Intrusion Detection Systems NIDS heavily utlize Machine Learning ML but ML models can be manipulated via adversarial attacks. These attacks add carefully crafted perturbations to network traffic data that leads to misclassifications. While prior work has demonstrated adversarial...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.17 views

MARCIM-WG: A Cyber Wargame Proposal Based on Math Modeling Applied in a Naval Scenario

As maritime operations increasingly depend on interconnected digital ecosystems, cyber incidents can propagate across maritime networks and degrade critical services. Strengthening strategic Cyber Situational Awareness CSA therefore requires training mechanisms that expose decision-makers to...

5.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.30 views

Runtime Skill Audit: Targeted Runtime Probing for Agent Skill Security

Agent skills let LLM agents reuse instructions, resources, tools, and workflows, but they also create a new place for malicious behavior to hide. A skill may look benign in its documentation or code while becoming harmful only when it is invoked with particular user requests, local assets,...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.15 views

InjectV: Modeling Fault Injection Attacks in RISC-V Simulation Environment

Fault Injection Attacks FIAs are a significant threat to hardware security, capable of compromising systems by inducing malicious faults in computation or storage. Evaluating resilience against such attacks is challenging due to the high cost, complexity, and limited availability of physical faul...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.12 views

Mind Your Key: An Empirical Study of LLM API Credential Leakage in IOS Apps

The rapid integration of large language models LLMs into mobile applications has introduced a new class of credential security risk: leaked credentials that grant unauthorized access to LLM inference services, causing financial damage to developers. Prior work on credential leakage has focused...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.8 views

Android Wireless ADB Wireless Port Checker

This is some simple C code to scan for an open Android Wireless ADB port on tcp/5555...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.16 views

Grammar-Constrained Decoding Can Jailbreak LLMs into Generating Malicious Code

Large Language Models LLMs are increasingly used for code generation, raising concerns that they may be misused to produce malicious code. Meanwhile, Grammar-Constrained Decoding GCD has been widely adopted to improve the reliability of LLM-generated code by enforcing syntactic validity. In this...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.10 views

ACPM Transfer Validation and Stress Testing Proof of Concept

This C program is a controlled stress-testing proof of concept designed to evaluate robustness, parameter validation, and stability of the acpmdoxfer interface under repeated high-volume calls and intentionally oversized transfer descriptors...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.10 views

ACPM Multithreaded Minimal Transfer Stress Tester

This C program is a lightweight multi-threaded stress test designed to evaluate concurrent behavior of the acpmdoxfer interface under repeated small-size transfer operations across multiple threads sharing the same ACPM handle...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.8 views

Android ADB Wireless Network Flipper Zero Recon Scanner / Service Discovery

This is a reconnaissance scanner and discovery tool for Flipper Zero to look for Android ADB wireless networks...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.9 views

On-Chip Quantum Randomness Amplification

Randomness amplification, the task of extracting uniform private bits from biased seeds that may be partly known by a malicious third party, is of central importance in cryptography. The highest security in this task is provided by a class of quantum protocols known as device-independent, which...

5.3AI score
Exploits0
Total number of security vulnerabilities6803