Lucene search
+L
PacketstormnewsRecent

6864 matches found

packetstormnews
packetstormnews
added 2025/07/11 12:0 a.m.2 views

Kernel Live Patch Security Notice LSN-0113-1

Several security issues were fixed in the kernel relating to out of bounds access and use-after-free vulnerabilities...

7.8CVSS8.3AI score0.00285EPSS
Exploits0
packetstormnews
packetstormnews
added 2025/07/11 12:0 a.m.3 views

Never Trust the Manufacturer, Never Trust the Client: a Novel Method for Streaming STL Files for Secure Additive Manufacturing

While additive manufacturing has opened interesting avenues to reimagine manufacturing as a service MaaS platform, transmission of design files from client to manufacturer over networks opens up many cybersecurity challenges. Securing client's intellectual property IP especially from cyber-attack...

6.8AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/11 12:0 a.m.2 views

Microsoft Windows 11 CVE-2025-49744 Checker

This archive contains a PowerShell script to validate whether a Microsoft Windows 11 system is vulnerable to CVE-2025-49744, a critical local privilege escalation vulnerability involving the gdi32.dll and win32kfull.sys system components. It does not actively exploit anything...

7CVSS6.9AI score0.0071EPSS
Exploits1
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.4 views

Hedge Funds on a Swamp: Analyzing Patterns, Vulnerabilities, and Defense Measures in Blockchain Bridges [Experiment, Analysis and Benchmark]

Blockchain bridges have become essential infrastructure for enabling interoperability across different blockchain networks, with more than $24B monthly bridge transaction volume. However, their growing adoption has been accompanied by a disproportionate rise in security breaches, making them the...

7.3AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.9 views

Temporal Unlearnable Examples: Preventing Personal Video Data from Unauthorized Exploitation by Object Tracking

With the rise of social media, vast amounts of user-uploaded videos e.g., YouTube are utilized as training data for Visual Object Tracking VOT. However, the VOT community has largely overlooked video data-privacy issues, as many private videos have been collected and used for training commercial...

6.8AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.4 views

Mitigating Watermark Stealing Attacks in Generative Models Via Multi-Key Watermarking

Watermarking offers a promising solution for GenAI providers to establish the provenance of their generated content. A watermark is a hidden signal embedded in the generated content, whose presence can later be verified using a secret watermarking key. A threat to GenAI providers are \emphwaterma...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.4 views

May I Have Your Attention? Breaking Fine-Tuning Based Prompt Injection Defenses Using Architecture-Aware Attacks

A popular class of defenses against prompt injection attacks on large language models LLMs relies on fine-tuning the model to separate instructions and data, so that the LLM does not follow instructions that might be present with data. There are several academic systems and production-level...

7.4AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.13 views

Rainbow Artifacts from Electromagnetic Signal Injection Attacks on Image Sensors

Image sensors are integral to a wide range of safety- and security-critical systems, including surveillance infrastructure, autonomous vehicles, and industrial automation. These systems rely on the integrity of visual data to make decisions. In this work, we investigate a novel class of...

7.2AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.8 views

libxslt xmlNode.psvi Type Confusion

libxslt suffers from a type confusion vulnerability in xmlNode.psvi between stylesheet and source nodes...

7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.3 views

WinRAR Directory Traversal

WinRAR suffers from a directory traversal vulnerability that allows an attacker to place files outside the intended extraction directory when a user extracts a specially crafted .rar archive. Versions prior to 7.12 are affected...

7.8CVSS7.8AI score0.86192EPSS
Exploits8
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.3 views

Supporting Intel(R) SGX on Multi-Package Platforms

Intelr Software Guard Extensions SGX was originally released on client platforms and later extended to single socket server platforms. As developers have become familiar with the capabilities of the technology, the applicability of this capability in the cloud has been tested. Various Cloud Servi...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.2 views

GuardVal: Dynamic Large Language Model Jailbreak Evaluation for Comprehensive Safety Testing

Jailbreak attacks reveal critical vulnerabilities in Large Language Models LLMs by causing them to generate harmful or unethical content. Evaluating these threats is particularly challenging due to the evolving nature of LLMs and the sophistication required in effectively probing their...

7.5AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.6 views

Quantum Properties Trojans (QuPTs) for Attacking Quantum Neural Networks

Quantum neural networks QNN hold immense potential for the future of quantum machine learning QML. However, QNN security and robustness remain largely unexplored. In this work, we proposed novel Trojan attacks based on the quantum computing properties in a QNN-based binary classifier. Our propose...

6.8AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.4 views

TruChain: a Multi-Layer Architecture for Trusted, Verifiable, and Immutable Open Banking Data

Open banking framework enables third party providers to access financial data across banking institutions, leading to unprecedented innovations in the financial sector. However, some open banking standards remain susceptible to severe technological risks, including unverified data sources,...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.4 views

EinHops: Einsum Notation for Expressive Homomorphic Operations on RNS-CKKS Tensors

Fully Homomorphic Encryption FHE is an encryption scheme that allows for computation to be performed directly on encrypted data, effectively closing the loop on secure and outsourced computing. Data is encrypted not only during rest and transit, but also during processing. However, FHE provides a...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.6 views

Beyond the Worst Case: Extending Differential Privacy Guarantees to Realistic Adversaries

Differential Privacy DP is a family of definitions that bound the worst-case privacy leakage of a mechanism. One important feature of the worst-case DP guarantee is it naturally implies protections against adversaries with less prior information, more sophisticated attack goals, and complex...

6.5AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.2 views

A Formal Rebuttal of "The Blockchain Trilemma: a Formal Proof of the Inherent Trade-Offs among Decentralization, Security, and Scalability"

This paper presents a comprehensive refutation of the so-called "blockchain trilemma," a widely cited but formally ungrounded claim asserting an inherent trade-off between decentralisation, security, and scalability in blockchain protocols. Through formal analysis, empirical evidence, and detaile...

7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.4 views

RADAR: a Radio-Based Analytics for Dynamic Association and Recognition of Pseudonyms in VANETs

This paper presents RADAR, a tracking algorithm for vehicles participating in Cooperative Intelligent Transportation Systems C-ITS that exploits multiple radio signals emitted by a modern vehicle to break privacy-preserving pseudonym schemes deployed in VANETs. This study shows that by combining...

7.1AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.7 views

GPUHammer: Rowhammer Attacks on GPU Memories Are Practical

Rowhammer is a read disturbance vulnerability in modern DRAM that causes bit-flips, compromising security and reliability. While extensively studied on Intel and AMD CPUs with DDR and LPDDR memories, its impact on GPUs using GDDR memories, critical for emerging machine learning applications,...

6.7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.4 views

Defending against Prompt Injection with a Few DefensiveTokens

When large language model LLM systems interact with external data to perform complex tasks, a new attack, namely prompt injection, becomes a significant threat. By injecting instructions into the data accessed by the system, the attacker is able to override the initial user task with an arbitrary...

7.5AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.7 views

Towards Privacy-Preserving and Personalized Smart Homes Via Tailored Small Language Models

Large Language Models LLMs have showcased remarkable generalizability in language comprehension and hold significant potential to revolutionize human-computer interaction in smart homes. Existing LLM-based smart home assistants typically transmit user commands, along with user profiles and home...

6.7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.1 views

The Trust Fabric: Decentralized Interoperability and Economic Coordination for the Agentic Web

The fragmentation of AI agent ecosystems has created urgent demands for interoperability, trust, and economic coordination that current protocols -- including MCP Hou et al., 2025, A2A Habler et al., 2025, ACP Liu et al., 2025, and Cisco's AGP Edwards, 2025 -- cannot address at scale. We present...

7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.7 views

Microsoft Office Outlook Code Execution

This proof-of-concept exploit demonstrates a code execution vulnerability in Microsoft Outlook. It injects a crafted mail item into Outlook containing a malicious sync path that triggers an action during scanning...

6.7CVSS7.2AI score0.01379EPSS
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.13 views

Agent Safety Alignment Via Reinforcement Learning

The emergence of autonomous Large Language Model LLM agents capable of tool usage has introduced new safety risks that go beyond traditional conversational misuse. These agents, empowered to execute external functions, are vulnerable to both user-initiated threats e.g., adversarial prompts and...

7.6AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.7 views

Giving AI Agents Access to Cryptocurrency and Smart Contracts Creates New Vectors of AI Harm

There is growing interest in giving AI agents access to cryptocurrencies as well as to the smart contracts that transact them. But doing so, this position paper argues, could lead to formidable new vectors of AI harm. To support this argument, we first examine the unique properties of...

6.8AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.5 views

Phishing Detection in the Gen-AI Era: Quantized LLMs Vs Classical Models

Phishing attacks are becoming increasingly sophisticated, underscoring the need for detection systems that strike a balance between high accuracy and computational efficiency. This paper presents a comparative evaluation of traditional Machine Learning ML, Deep Learning DL, and quantized...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.8 views

Can Large Language Models Improve Phishing Defense? A Large-Scale Controlled Experiment on Warning Dialogue Explanations

Phishing has become a prominent risk in modern cybersecurity, often used to bypass technological defences by exploiting predictable human behaviour. Warning dialogues are a standard mitigation measure, but the lack of explanatory clarity and static content limits their effectiveness. In this pape...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.7 views

KeyDroid: a Large-Scale Analysis of Secure Key Storage in Android Apps

Most contemporary mobile devices offer hardware-backed storage for cryptographic keys, user data, and other sensitive credentials. Such hardware protects credentials from extraction by an adversary who has compromised the main operating system, such as a malicious third-party app. Since 2011,...

7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.8 views

Hybrid LLM-Enhanced Intrusion Detection for Zero-Day Threats in IoT Networks

This paper presents a novel approach to intrusion detection by integrating traditional signature-based methods with the contextual understanding capabilities of the GPT-2 Large Language Model LLM. As cyber threats become increasingly sophisticated, particularly in distributed, heterogeneous, and...

6.8AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.5 views

Invariant-Based Robust Weights Watermark for Large Language Models

Watermarking technology has gained significant attention due to the increasing importance of intellectual property IP rights, particularly with the growing deployment of large language models LLMs on billions resource-constrained edge devices. To counter the potential threats of IP theft by...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.5 views

LINE: Public-Key Encryption

We propose a public key encryption cryptosystem based on solutions of linear equation systems with predefinition of input parameters through shared secret computation for factorizable substitutions. The existence of multiple equivalent solutions for an underdetermined system of linear equations...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/10 12:0 a.m.5 views

Autonomous AI-Based Cybersecurity Framework for Critical Infrastructure: Real-Time Threat Mitigation

Critical infrastructure systems, including energy grids, healthcare facilities, transportation networks, and water distribution systems, are pivotal to societal stability and economic resilience. However, the increasing interconnectivity of these systems exposes them to various cyber threats,...

7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/09 12:0 a.m.5 views

Disa: Accurate Learning-Based Static Disassembly with Attentions

For reverse engineering related security domains, such as vulnerability detection, malware analysis, and binary hardening, disassembly is crucial yet challenging. The fundamental challenge of disassembly is to identify instruction and function boundaries. Classic approaches rely on file-format...

6.7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/09 12:0 a.m.4 views

PotentRegion4MalDetect: Advanced Features from Potential Malicious Regions for Malware Detection

Malware developers exploit the fact that most detection models focus on the entire binary to extract the feature rather than on the regions of potential maliciousness. Therefore, they reverse engineer a benign binary and inject malicious code into it. This obfuscation technique circumvents the...

7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/09 12:0 a.m.5 views

FedP3E: Privacy-Preserving Prototype Exchange for Non-IID IoT Malware Detection in Cross-Silo Federated Learning

As IoT ecosystems continue to expand across critical sectors, they have become prominent targets for increasingly sophisticated and large-scale malware attacks. The evolving threat landscape, combined with the sensitive nature of IoT-generated data, demands detection frameworks that are both...

6.7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/09 12:0 a.m.7 views

Privacy-Utility-Fairness: a Balanced Approach to Vehicular-Traffic Management System

Location-based vehicular traffic management faces significant challenges in protecting sensitive geographical data while maintaining utility for traffic management and fairness across regions. Existing state-of-the-art solutions often fail to meet the required level of protection against linkage...

6.8AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/09 12:0 a.m.10 views

Understanding Malware Propagation Dynamics through Scientific Machine Learning

Accurately modeling malware propagation is essential for designing effective cybersecurity defenses, particularly against adaptive threats that evolve in real time. While traditional epidemiological models and recent neural approaches offer useful foundations, they often fail to fully capture the...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/09 12:0 a.m.6 views

On the Impossibility of Separating Intelligence from Judgment: the Computational Intractability of Filtering for AI Alignment

With the increased deployment of large language models LLMs, one concern is their potential misuse for generating harmful content. Our work studies the alignment challenge, with a focus on filters to prevent the generation of unsafe information. Two natural points of intervention are the filterin...

7.2AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/09 12:0 a.m.4 views

Semi-Fragile Watermarking of Remote Sensing Images Using DWT, Vector Quantization and Automatic Tiling

A semi-fragile watermarking scheme for multiple band images is presented in this article. We propose to embed a mark into remote sensing images applying a tree-structured vector quantization approach to the pixel signatures instead of processing each band separately. The signature of the...

7.1AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/09 12:0 a.m.11 views

AI Agent Smart Contract Exploit Generation

We present A1, an agentic execution driven system that transforms any LLM into an end-to-end exploit generator. A1 has no hand-crafted heuristics and provides the agent with six domain-specific tools that enable autonomous vulnerability discovery. The agent can flexibly leverage these tools to...

7.1AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/09 12:0 a.m.8 views

GNU Transport Layer Security Library 3.8.10

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS 12, OpenPGP, and other...

8.2CVSS6.5AI score0.01185EPSS
Exploits0
packetstormnews
packetstormnews
added 2025/07/09 12:0 a.m.27 views

WatchWitch: Interoperability, Privacy, and Autonomy for the Apple Watch

Smartwatches such as the Apple Watch collect vast amounts of intimate health and fitness data as we wear them. Users have little choice regarding how this data is processed: The Apple Watch can only be used with Apple's iPhones, using their software and their cloud services. We are the first to...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/09 12:0 a.m.5 views

Clio-X: AWeb3 Solution for Privacy-Preserving AI Access to Digital Archives

As archives turn to artificial intelligence to manage growing volumes of digital records, privacy risks inherent in current AI data practices raise critical concerns about data sovereignty and ethical accountability. This paper explores how privacy-enhancing technologies PETs and Web3 architectur...

6.8AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/09 12:0 a.m.5 views

RAG Safety: Exploring Knowledge Poisoning Attacks to Retrieval-Augmented Generation

Retrieval-Augmented Generation RAG enhances large language models LLMs by retrieving external data to mitigate hallucinations and outdated knowledge issues. Benefiting from the strong ability in facilitating diverse data sources and supporting faithful reasoning, knowledge graphs KGs have been...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/09 12:0 a.m.5 views

Automated Attack Testflow Extraction from Cyber Threat Report Using BERT for Contextual Analysis

In the ever-evolving landscape of cybersecurity, the rapid identification and mitigation of Advanced Persistent Threats APTs is crucial. Security practitioners rely on detailed threat reports to understand the tactics, techniques, and procedures TTPs employed by attackers. However, manually...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/09 12:0 a.m.5 views

Approximating Euler Totient Function Using Linear Regression on RSA Moduli

The security of the RSA cryptosystem is based on the intractability of computing Euler's totient function phin for large integers n. Although deriving phin deterministically remains computationally infeasible for cryptographically relevant bit lengths, and machine learning presents a promising...

6.8AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/09 12:0 a.m.4 views

Analytic Rényi Entropy Bounds for Device-Independent Cryptography

Device-independent DI cryptography represents the highest level of security, enabling cryptographic primitives to be executed safely on uncharacterized devices. Moreover, with successful proof-of-concept demonstrations in randomness expansion, randomness amplification, and quantum key distributio...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/09 12:0 a.m.7 views

Unifying Re-Identification, Attribute Inference, and Data Reconstruction Risks in Differential Privacy

Differentially private DP mechanisms are difficult to interpret and calibrate because existing methods for mapping standard privacy parameters to concrete privacy risks -- re-identification, attribute inference, and data reconstruction -- are both overly pessimistic and inconsistent. In this work...

7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/09 12:0 a.m.5 views

Wrapless: the Trustless Lending Protocol on Top of Bitcoin

This paper presents Wrapless -- a lending protocol that enables the collateralization of bitcoins without requiring a trusted wrapping mechanism. The protocol facilitates a "loan channel" on the Bitcoin blockchain, allowing bitcoins to be locked as collateral for loans issued on any blockchain th...

6.8AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/09 12:0 a.m.7 views

Shuffling for Semantic Secrecy

Deep learning draws heavily on the latest progress in semantic communications. The present paper aims to examine the security aspect of this cutting-edge technique from a novel shuffling perspective. Our goal is to improve upon the conventional secure coding scheme to strike a desirable tradeoff...

7AI score
Exploits0
Total number of security vulnerabilities6864