Lucene search
+L
PacketstormnewsRecent

6864 matches found

packetstormnews
packetstormnews
•added 2025/07/09 12:0 a.m.•4 views

Kigen eUICC Type Confusion

Security Explorations has broken the security of Kigen eUICC card with GSMA consumer certificates installed into it. The eUICC card makes it possible to install the so called eSIM profiles into target chip. eSIM profiles are software representations of mobile subscriptions. For many years such...

6.5AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/09 12:0 a.m.•9 views

AdeptHEQ-FL: Adaptive Homomorphic Encryption for Federated Learning of Hybrid Classical-Quantum Models with Dynamic Layer Sparing

Federated Learning FL faces inherent challenges in balancing model performance, privacy preservation, and communication efficiency, especially in non-IID decentralized environments. Recent approaches either sacrifice formal privacy guarantees, incur high overheads, or overlook quantum-enhanced...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/09 12:0 a.m.•12 views

BarkBeetle: Stealing Decision Tree Models with Fault Injection

Machine learning models, particularly decision trees DTs, are widely adopted across various domains due to their interpretability and efficiency. However, as ML models become increasingly integrated into privacy-sensitive applications, concerns about their confidentiality have grown, particularly...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/09 12:0 a.m.•2 views

Microsoft Windows 11 x64 Reverse TCP Shellcode

564 bytes small Microsoft Windows 11 x64 reverse TCP shellcode...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•3 views

Asynchronous Event Error-Minimizing Noise for Safeguarding Event Dataset

With more event datasets being released online, safeguarding the event dataset against unauthorized usage has become a serious concern for data owners. Unlearnable Examples are proposed to prevent the unauthorized exploitation of image datasets. However, it's unclear how to create unlearnable...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•8 views

LDP$^3$: an Extensible and Multi-Threaded Toolkit for Local Differential Privacy Protocols and Post-Processing Methods

Local differential privacy LDP has become a prominent notion for privacy-preserving data collection. While numerous LDP protocols and post-processing PP methods have been developed, selecting an optimal combination under different privacy budgets and datasets remains a challenge. Moreover, the la...

7.2AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•5 views

The Impact of Event Data Partitioning on Privacy-Aware Process Discovery

Information systems support the execution of business processes. The event logs of these executions generally contain sensitive information about customers, patients, and employees. The corresponding privacy challenges can be addressed by anonymizing the event logs while still retaining utility f...

6.6AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•8 views

Bridging AI and Software Security: a Comparative Vulnerability Assessment of LLM Agent Deployment Paradigms

Large Language Model LLM agents face security vulnerabilities spanning AI-specific and traditional software domains, yet current research addresses these separately. This study bridges this gap through comparative evaluation of Function Calling architecture and Model Context Protocol MCP deployme...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•6 views

Taming Data Challenges in ML-Based Security Tasks: Lessons from Integrating Generative AI

Machine learning-based supervised classifiers are widely used for security tasks, and their improvement has been largely focused on algorithmic advancements. We argue that data challenges that negatively impact the performance of these classifiers have received limited attention. We address the...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•5 views

Enter, Exit, Page Fault, Leak: Testing Isolation Boundaries for Microarchitectural Leaks

CPUs provide isolation mechanisms like virtualization and privilege levels to protect software. Yet these focus on architectural isolation while typically overlooking microarchitectural side channels, exemplified by Meltdown and Foreshadow. Software must therefore supplement architectural defense...

7.1AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•6 views

Immutability Does Not Guarantee Trust: a Formal and Logical Refutation

It is frequently claimed in blockchain discourse that immutability guarantees trust. This paper rigorously refutes that assertion. We define immutability as the cryptographic persistence of historical states in an append-only data structure and contrast it with trust, understood as a rational...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•4 views

Rugsafe: a Multichain Protocol for Recovering from and Defending against Rug Pulls

Rugsafe introduces a comprehensive protocol aimed at mitigating the risks of rug pulls in the cryptocurrency ecosystem. By utilizing cryptographic security measures and economic incentives, the protocol provides a secure multichain system for recovering assets and transforming rugged tokens into...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•7 views

HEMA: a Hands-On Exploration Platform for MEMS Sensor Attacks

Automotive safety and security are paramount in the rapidly advancing landscape of vehicular technology. Building safe and secure vehicles demands a profound understanding of automotive systems, particularly in safety and security. Traditional learning approaches, such as reading materials or...

7.4AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•8 views

A Formal Refutation of the Blockchain Trilemma

The so-called blockchain trilemma asserts the impossibility of simultaneously achieving scalability, security, and decentralisation within a single blockchain protocol. In this paper, we formally refute that proposition. Employing predicate logic, formal automata theory, computational complexity...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•8 views

TuneShield: Mitigating Toxicity in Conversational AI While Fine-Tuning on Untrusted Data

Recent advances in foundation models, such as LLMs, have revolutionized conversational AI. Chatbots are increasingly being developed by customizing LLMs on specific conversational datasets. However, mitigating toxicity during this customization, especially when dealing with untrusted training dat...

7.5AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•2 views

Subgraph Counting under Edge Local Differential Privacy Based on Noisy Adjacency Matrix

When analyzing connection patterns within graphs, subgraph counting serves as an effective and fundamental approach. Edge-local differential privacy edge-LDP and shuffle model have been employed to achieve subgraph counting under a privacy-preserving situation. Existing algorithms are plagued by...

6.7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•4 views

Polyadic Encryption

A novel original procedure of encryption/decryption based on the polyadic algebraic structures and on signal processing methods is proposed. First, we use signals with integer amplitudes to send information. Then we use polyadic techniques to transfer the plaintext into series of special integers...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•6 views

Automated Reasoning for Vulnerability Management by Design

For securing systems, it is essential to manage their vulnerability posture and design appropriate security controls. Vulnerability management allows to proactively address vulnerabilities by incorporating pertinent security controls into systems designs. Current vulnerability management approach...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•5 views

A Survey on Artificial Noise for Physical Layer Security: Opportunities, Technologies, Guidelines, Advances, and Trends

Due to the broadcast nature of wireless communications, physical-layer security has attracted increasing concerns from both academia and industry. Artificial noise AN, as one of the promising physical-layer security techniques, is capable of utilizing the spatial degree-of-freedom of channels to...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•9 views

CitrixBleed-2 Out-Of-Bounds Read

CVE-2025-5777 is a critical unauthenticated out-of-bounds read in Citrix NetScaler ADC/Gateway Gateway or AAA vServer mode. A single crafted request can dump memory containing session tokens, enabling full authentication bypass—earning the nickname CitrixBleed 2. This is a proof of concept exploi...

9.3CVSS8.7AI score0.9987EPSS
Exploits18
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•6 views

Suricata IDPE 7.0.11

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and...

7.5CVSS6.5AI score0.00432EPSS
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•2 views

On Jailbreaking Quantized Language Models through Fault Injection Attacks

The safety alignment of Language Models LMs is a critical concern, yet their integrity can be challenged by direct parameter manipulation attacks, such as those potentially induced by fault injection. As LMs are increasingly deployed using low-precision quantization for efficiency, this paper...

7.3AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•5 views

A Novel APVD Steganography Technique Incorporating Pseudorandom Pixel Selection for Robust Image Security

Steganography is the process of embedding secret information discreetly within a carrier, ensuring secure exchange of confidential data. The Adaptive Pixel Value Differencing APVD steganography method, while effective, encounters certain challenges like the "unused blocks" issue. This problem can...

6.6AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•5 views

An Architecture for Privacy-Preserving Telemetry Scheme

Whitepaper called An Architecture For Privacy-Preserving Telemetry Scheme...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•5 views

Generalized and Unified Equivalences between Hardness and Pseudoentropy

Pseudoentropy characterizations provide a quantitatively precise demonstration of the close relationship between computational hardness and computational randomness. We prove a unified pseudoentropy characterization that generalizes and strengthens previous results for both uniform and non-unifor...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•2 views

The Bitter Lesson of Misuse Detection

Prior work on jailbreak detection has established the importance of adversarial robustness for LLMs but has largely focused on the model ability to resist adversarial inputs and to output safe content, rather than the effectiveness of external supervision systems. The only public and independent...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•2 views

Vectorised Hashing Based on Bernstein-Rabin-Winograd Polynomials over Prime Order Fields

We introduce the new AXU hash function decBRWHash, which is parameterised by the positive integer $c$ and is based on Bernstein-Rabin-Winograd BRW polynomials. Choosing $c1$ gives a hash function which can be implemented using $c$-way single instruction multiple data SIMD instructions. We report ...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•59 views

CAVGAN: Unifying Jailbreak and Defense of LLMs Via Generative Adversarial Attacks on Their Internal Representations

Security alignment enables the Large Language Model LLM to gain the protection against malicious queries, but various jailbreak attack methods reveal the vulnerability of this security mechanism. Previous studies have isolated LLM jailbreak attacks and defenses. We analyze the security protection...

7.3AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•6 views

TELSAFE: Security Gap Quantitative Risk Assessment Framework

Gaps between established security standards and their practical implementation have the potential to introduce vulnerabilities, possibly exposing them to security risks. To effectively address and mitigate these security and compliance challenges, security risk management strategies are essential...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•4 views

Enhancing LLM Watermark Resilience against Both Scrubbing and Spoofing Attacks

Watermarking is a promising defense against the misuse of large language models LLMs, yet it remains vulnerable to scrubbing and spoofing attacks. This vulnerability stems from an inherent trade-off governed by watermark window size: smaller windows resist scrubbing better but are easier to...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•17 views

Post-Processing in Local Differential Privacy: an Extensive Evaluation and Benchmark Platform

Local differential privacy LDP has recently gained prominence as a powerful paradigm for collecting and analyzing sensitive data from users' devices. However, the inherent perturbation added by LDP protocols reduces the utility of the collected data. To mitigate this issue, several post-processin...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•5 views

Detection of Intelligent Tampering in Wireless Electrocardiogram Signals Using Hybrid Machine Learning

With the proliferation of wireless electrocardiogram ECG systems for health monitoring and authentication, protecting signal integrity against tampering is becoming increasingly important. This paper analyzes the performance of CNN, ResNet, and hybrid Transformer-CNN models for tamper detection. ...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/08 12:0 a.m.•8 views

Image Can Bring Your Memory Back: a Novel Multi-Modal Guided Attack against Image Generation Model Unlearning

Whitepaper called Image Can Bring Your Memory Back: A Novel Multi-Modal Guided Attack Against Image Generation Model Unlearning...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/07 12:0 a.m.•7 views

QNAP Remote Code Execution

QNAP proof of concept stack overflow remote code execution exploit. This has been addressed in versions QTS 5.1.7.2770 build 20240520, hero h5.1.7.2770 build 20240520 and above...

8.8CVSS8.2AI score0.38054EPSS
Exploits3
packetstormnews
packetstormnews
•added 2025/07/07 12:0 a.m.•7 views

Hunting in the Dark: Metrics for Early Stage Traffic Discovery

Threat hunting is an operational security process where an expert analyzes traffic, applying knowledge and lightweight tools on unlabeled data in order to identify and classify previously unknown phenomena. In this paper, we examine threat hunting metrics and practice by studying the detection of...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/07 12:0 a.m.•7 views

Bullshark on Narwhal: Implementation-Level Workflow Analysis of Round-Based DAG Consensus in Theory and Practice

Round-based DAGs enable high-performance Byzantine fault-tolerant consensus, yet their technical advantages remain underutilized due to their short history. While research on consensus protocols is active in both academia and industry, many studies overlook implementation-level algorithms, leavin...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/07 12:0 a.m.•5 views

Cascade: Token-Sharded Private LLM Inference

As LLMs continue to increase in parameter size, the computational resources required to run them are available to fewer parties. Therefore, third-party inference services -- where LLMs are hosted by third parties with significant computational resources -- are becoming increasingly popular...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/07 12:0 a.m.•5 views

FIDESlib: a Fully-Fledged Open-Source FHE Library for Efficient CKKS on GPUs

Word-wise Fully Homomorphic Encryption FHE schemes, such as CKKS, are gaining significant traction due to their ability to provide post-quantum-resistant, privacy-preserving approximate computing; an especially desirable feature in Machine-Learning-as-a-Service MLaaS cloud-computing paradigms...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/07 12:0 a.m.•5 views

Q-Detection: a Quantum-Classical Hybrid Poisoning Attack Detection Method

Data poisoning attacks pose significant threats to machine learning models by introducing malicious data into the training process, thereby degrading model performance or manipulating predictions. Detecting and sifting out poisoned data is an important method to prevent data poisoning attacks...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/07 12:0 a.m.•4 views

LIFT: Automating Symbolic Execution Optimization with Large Language Models for AI Networks

Dynamic Symbolic Execution DSE is a key technique in program analysis, widely used in software testing, vulnerability discovery, and formal verification. In distributed AI systems, DSE plays a crucial role in identifying hard-to-detect bugs, especially those arising from complex network...

7.4AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/07 12:0 a.m.•8 views

Attacker'S Noise Can Manipulate Your Audio-Based LLM in the Real World

This paper investigates the real-world vulnerabilities of audio-based large language models ALLMs, such as Qwen2-Audio. We first demonstrate that an adversary can craft stealthy audio perturbations to manipulate ALLMs into exhibiting specific targeted behaviors, such as eliciting responses to...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/07 12:0 a.m.•6 views

The Landscape of Memorization in LLMs: Mechanisms, Measurement, and Mitigation

Large Language Models LLMs have demonstrated remarkable capabilities across a wide range of tasks, yet they also exhibit memorization of their training data. This phenomenon raises critical questions about model behavior, privacy risks, and the boundary between learning and memorization. Addressi...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/07 12:0 a.m.•6 views

DATABench: Evaluating Dataset Auditing in Deep Learning from an Adversarial Perspective

The widespread application of Deep Learning across diverse domains hinges critically on the quality and composition of training datasets. However, the common lack of disclosure regarding their usage raises significant privacy and copyright concerns. Dataset auditing techniques, which aim to...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/07 12:0 a.m.•6 views

Cyclic Equalizability of Words and Its Application to Card-Based Cryptography

Card-based cryptography is a research area to implement cryptographic procedures using a deck of physical cards. In recent years, it has been found to be related to finite group theory and algebraic combinatorics, and is becoming more and more closely connected to the field of mathematics. In thi...

6.4AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/07 12:0 a.m.•4 views

PROTEAN: Federated Intrusion Detection in Non-IID Environments through Prototype-Based Knowledge Sharing

In distributed networks, participants often face diverse and fast-evolving cyberattacks. This makes techniques based on Federated Learning FL a promising mitigation strategy. By only exchanging model updates, FL participants can collaboratively build detection models without revealing sensitive...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/07 12:0 a.m.•4 views

Red Teaming AI Red Teaming

Red teaming has evolved from its origins in military applications to become a widely adopted methodology in cybersecurity and AI. In this paper, we take a critical look at the practice of AI red teaming. We argue that despite its current popularity in AI governance, there exists a significant gap...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/07 12:0 a.m.•6 views

How Not to Detect Prompt Injections with an LLM

Whitepaper called How Not To Detect Prompt Injections With An LLM...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/07 12:0 a.m.•9 views

Large Language Models for Network Intrusion Detection Systems: Foundations, Implementations, and Future Directions

Large Language Models LLMs have revolutionized various fields with their exceptional capabilities in understanding, processing, and generating human-like text. This paper investigates the potential of LLMs in advancing Network Intrusion Detection Systems NIDS, analyzing current challenges,...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/07 12:0 a.m.•3 views

FrameShift: Learning to Resize Fuzzer Inputs without Breaking Them

Coverage-guided fuzzers are powerful automated bug-finding tools. They mutate program inputs, observe coverage, and save any input that hits an unexplored path for future mutation. Unfortunately, without knowledge of input formats--for example, the relationship between formats' data fields and...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/07 12:0 a.m.•5 views

Phantom Subgroup Poisoning: Stealth Attacks on Federated Recommender Systems

Federated recommender systems FedRec have emerged as a promising solution for delivering personalized recommendations while safeguarding user privacy. However, recent studies have demonstrated their vulnerability to poisoning attacks. Existing attacks typically target the entire user group, which...

6.7AI score
Exploits0
Total number of security vulnerabilities6864