Lucene search
+L
PacketstormnewsRecent

6894 matches found

packetstormnews
packetstormnews
added 2025/07/08 12:0 a.m.5 views

An Architecture for Privacy-Preserving Telemetry Scheme

Whitepaper called An Architecture For Privacy-Preserving Telemetry Scheme...

7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/08 12:0 a.m.5 views

Generalized and Unified Equivalences between Hardness and Pseudoentropy

Pseudoentropy characterizations provide a quantitatively precise demonstration of the close relationship between computational hardness and computational randomness. We prove a unified pseudoentropy characterization that generalizes and strengthens previous results for both uniform and non-unifor...

6.8AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/08 12:0 a.m.59 views

CAVGAN: Unifying Jailbreak and Defense of LLMs Via Generative Adversarial Attacks on Their Internal Representations

Security alignment enables the Large Language Model LLM to gain the protection against malicious queries, but various jailbreak attack methods reveal the vulnerability of this security mechanism. Previous studies have isolated LLM jailbreak attacks and defenses. We analyze the security protection...

7.3AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/08 12:0 a.m.6 views

TELSAFE: Security Gap Quantitative Risk Assessment Framework

Gaps between established security standards and their practical implementation have the potential to introduce vulnerabilities, possibly exposing them to security risks. To effectively address and mitigate these security and compliance challenges, security risk management strategies are essential...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/08 12:0 a.m.4 views

Enhancing LLM Watermark Resilience against Both Scrubbing and Spoofing Attacks

Watermarking is a promising defense against the misuse of large language models LLMs, yet it remains vulnerable to scrubbing and spoofing attacks. This vulnerability stems from an inherent trade-off governed by watermark window size: smaller windows resist scrubbing better but are easier to...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/08 12:0 a.m.17 views

Post-Processing in Local Differential Privacy: an Extensive Evaluation and Benchmark Platform

Local differential privacy LDP has recently gained prominence as a powerful paradigm for collecting and analyzing sensitive data from users' devices. However, the inherent perturbation added by LDP protocols reduces the utility of the collected data. To mitigate this issue, several post-processin...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/08 12:0 a.m.5 views

Detection of Intelligent Tampering in Wireless Electrocardiogram Signals Using Hybrid Machine Learning

With the proliferation of wireless electrocardiogram ECG systems for health monitoring and authentication, protecting signal integrity against tampering is becoming increasingly important. This paper analyzes the performance of CNN, ResNet, and hybrid Transformer-CNN models for tamper detection. ...

6.8AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/08 12:0 a.m.8 views

Image Can Bring Your Memory Back: a Novel Multi-Modal Guided Attack against Image Generation Model Unlearning

Whitepaper called Image Can Bring Your Memory Back: A Novel Multi-Modal Guided Attack Against Image Generation Model Unlearning...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/08 12:0 a.m.10 views

CitrixBleed-2 Out-Of-Bounds Read

CVE-2025-5777 is a critical unauthenticated out-of-bounds read in Citrix NetScaler ADC/Gateway Gateway or AAA vServer mode. A single crafted request can dump memory containing session tokens, enabling full authentication bypass—earning the nickname CitrixBleed 2. This is a proof of concept exploi...

9.3CVSS8.7AI score0.9987EPSS
Exploits18
packetstormnews
packetstormnews
added 2025/07/08 12:0 a.m.3 views

Vectorised Hashing Based on Bernstein-Rabin-Winograd Polynomials over Prime Order Fields

We introduce the new AXU hash function decBRWHash, which is parameterised by the positive integer $c$ and is based on Bernstein-Rabin-Winograd BRW polynomials. Choosing $c1$ gives a hash function which can be implemented using $c$-way single instruction multiple data SIMD instructions. We report ...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/08 12:0 a.m.3 views

Subgraph Counting under Edge Local Differential Privacy Based on Noisy Adjacency Matrix

When analyzing connection patterns within graphs, subgraph counting serves as an effective and fundamental approach. Edge-local differential privacy edge-LDP and shuffle model have been employed to achieve subgraph counting under a privacy-preserving situation. Existing algorithms are plagued by...

6.7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/08 12:0 a.m.3 views

The Bitter Lesson of Misuse Detection

Prior work on jailbreak detection has established the importance of adversarial robustness for LLMs but has largely focused on the model ability to resist adversarial inputs and to output safe content, rather than the effectiveness of external supervision systems. The only public and independent...

6.8AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/08 12:0 a.m.3 views

On Jailbreaking Quantized Language Models through Fault Injection Attacks

The safety alignment of Language Models LMs is a critical concern, yet their integrity can be challenged by direct parameter manipulation attacks, such as those potentially induced by fault injection. As LMs are increasingly deployed using low-precision quantization for efficiency, this paper...

7.3AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.7 views

QNAP Remote Code Execution

QNAP proof of concept stack overflow remote code execution exploit. This has been addressed in versions QTS 5.1.7.2770 build 20240520, hero h5.1.7.2770 build 20240520 and above...

8.8CVSS8.2AI score0.38054EPSS
Exploits3
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.7 views

Hunting in the Dark: Metrics for Early Stage Traffic Discovery

Threat hunting is an operational security process where an expert analyzes traffic, applying knowledge and lightweight tools on unlabeled data in order to identify and classify previously unknown phenomena. In this paper, we examine threat hunting metrics and practice by studying the detection of...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.7 views

Bullshark on Narwhal: Implementation-Level Workflow Analysis of Round-Based DAG Consensus in Theory and Practice

Round-based DAGs enable high-performance Byzantine fault-tolerant consensus, yet their technical advantages remain underutilized due to their short history. While research on consensus protocols is active in both academia and industry, many studies overlook implementation-level algorithms, leavin...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.5 views

Cascade: Token-Sharded Private LLM Inference

As LLMs continue to increase in parameter size, the computational resources required to run them are available to fewer parties. Therefore, third-party inference services -- where LLMs are hosted by third parties with significant computational resources -- are becoming increasingly popular...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.5 views

FIDESlib: a Fully-Fledged Open-Source FHE Library for Efficient CKKS on GPUs

Word-wise Fully Homomorphic Encryption FHE schemes, such as CKKS, are gaining significant traction due to their ability to provide post-quantum-resistant, privacy-preserving approximate computing; an especially desirable feature in Machine-Learning-as-a-Service MLaaS cloud-computing paradigms...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.5 views

Q-Detection: a Quantum-Classical Hybrid Poisoning Attack Detection Method

Data poisoning attacks pose significant threats to machine learning models by introducing malicious data into the training process, thereby degrading model performance or manipulating predictions. Detecting and sifting out poisoned data is an important method to prevent data poisoning attacks...

6.8AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.4 views

LIFT: Automating Symbolic Execution Optimization with Large Language Models for AI Networks

Dynamic Symbolic Execution DSE is a key technique in program analysis, widely used in software testing, vulnerability discovery, and formal verification. In distributed AI systems, DSE plays a crucial role in identifying hard-to-detect bugs, especially those arising from complex network...

7.4AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.8 views

Attacker'S Noise Can Manipulate Your Audio-Based LLM in the Real World

This paper investigates the real-world vulnerabilities of audio-based large language models ALLMs, such as Qwen2-Audio. We first demonstrate that an adversary can craft stealthy audio perturbations to manipulate ALLMs into exhibiting specific targeted behaviors, such as eliciting responses to...

7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.6 views

The Landscape of Memorization in LLMs: Mechanisms, Measurement, and Mitigation

Large Language Models LLMs have demonstrated remarkable capabilities across a wide range of tasks, yet they also exhibit memorization of their training data. This phenomenon raises critical questions about model behavior, privacy risks, and the boundary between learning and memorization. Addressi...

7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.6 views

DATABench: Evaluating Dataset Auditing in Deep Learning from an Adversarial Perspective

The widespread application of Deep Learning across diverse domains hinges critically on the quality and composition of training datasets. However, the common lack of disclosure regarding their usage raises significant privacy and copyright concerns. Dataset auditing techniques, which aim to...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.6 views

Cyclic Equalizability of Words and Its Application to Card-Based Cryptography

Card-based cryptography is a research area to implement cryptographic procedures using a deck of physical cards. In recent years, it has been found to be related to finite group theory and algebraic combinatorics, and is becoming more and more closely connected to the field of mathematics. In thi...

6.4AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.4 views

PROTEAN: Federated Intrusion Detection in Non-IID Environments through Prototype-Based Knowledge Sharing

In distributed networks, participants often face diverse and fast-evolving cyberattacks. This makes techniques based on Federated Learning FL a promising mitigation strategy. By only exchanging model updates, FL participants can collaboratively build detection models without revealing sensitive...

6.8AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.4 views

Red Teaming AI Red Teaming

Red teaming has evolved from its origins in military applications to become a widely adopted methodology in cybersecurity and AI. In this paper, we take a critical look at the practice of AI red teaming. We argue that despite its current popularity in AI governance, there exists a significant gap...

7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.6 views

How Not to Detect Prompt Injections with an LLM

Whitepaper called How Not To Detect Prompt Injections With An LLM...

7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.9 views

Large Language Models for Network Intrusion Detection Systems: Foundations, Implementations, and Future Directions

Large Language Models LLMs have revolutionized various fields with their exceptional capabilities in understanding, processing, and generating human-like text. This paper investigates the potential of LLMs in advancing Network Intrusion Detection Systems NIDS, analyzing current challenges,...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.3 views

FrameShift: Learning to Resize Fuzzer Inputs without Breaking Them

Coverage-guided fuzzers are powerful automated bug-finding tools. They mutate program inputs, observe coverage, and save any input that hits an unexplored path for future mutation. Unfortunately, without knowledge of input formats--for example, the relationship between formats' data fields and...

7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.5 views

Phantom Subgroup Poisoning: Stealth Attacks on Federated Recommender Systems

Federated recommender systems FedRec have emerged as a promising solution for delivering personalized recommendations while safeguarding user privacy. However, recent studies have demonstrated their vulnerability to poisoning attacks. Existing attacks typically target the entire user group, which...

6.7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.5 views

Efficient Unlearning with Privacy Guarantees

Privacy protection laws, such as the GDPR, grant individuals the right to request the forgetting of their personal data not only from databases but also from machine learning ML models trained on them. Machine unlearning has emerged as a practical means to facilitate model forgetting of data...

7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.3 views

BackFed: an Efficient and Standardized Benchmark Suite for Backdoor Attacks in Federated Learning

Federated Learning FL systems are vulnerable to backdoor attacks, where adversaries train their local models on poisoned data and submit poisoned model updates to compromise the global model. Despite numerous proposed attacks and defenses, divergent experimental settings, implementation errors, a...

6.7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.4 views

Layered, Overlapping, and Inconsistent: a Large-Scale Analysis of the Multiple Privacy Policies and Controls of U.S. Banks

Whitepaper called Layered, Overlapping, And Inconsistent: A Large-Scale Analysis Of The Multiple Privacy Policies And Controls Of U.S. Banks...

7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.5 views

Evaluating the Critical Risks of Amazon'S Nova Premier under the Frontier Model Safety Framework

Nova Premier is Amazon's most capable multimodal foundation model and teacher for model distillation. It processes text, images, and video with a one-million-token context window, enabling analysis of large codebases, 400-page documents, and 90-minute videos in a single prompt. We present the fir...

7.3AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.8 views

The Hidden Threat in Plain Text: Attacking RAG Data Loaders

Large Language Models LLMs have transformed human-machine interaction since ChatGPT's 2022 debut, with Retrieval-Augmented Generation RAG emerging as a key framework that enhances LLM outputs by integrating external knowledge. However, RAG's reliance on ingesting external documents introduces new...

7.6AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.5 views

Extreme Learning Machine Based System for DDoS Attacks Detections on IoMT Devices

The Internet of Medical Things IoMT represents a paradigm shift in the healthcare sector, enabling the interconnection of medical devices, sensors, and systems to enhance patient monitoring, diagnosis, and management. The rapid evolution of IoMT presents significant benefits to the healthcare...

6.7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.8 views

Adaptive Variation-Resilient Random Number Generator for Embedded Encryption

With a growing interest in securing user data within the internet-of-things IoT, embedded encryption has become of paramount importance, requiring light-weight high-quality Random Number Generators RNGs. Emerging stochastic device technologies produce random numbers from stochastic physical...

6.6AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.6 views

CLIP-Guided Backdoor Defense through Entropy-Based Poisoned Dataset Separation

Deep Neural Networks DNNs are susceptible to backdoor attacks, where adversaries poison training data to implant backdoor into the victim model. Current backdoor defenses on poisoned data often suffer from high computational costs or low effectiveness against advanced attacks like clean-label and...

6.8AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.5 views

Disappearing Ink: Obfuscation Breaks N-Gram Code Watermarks in Theory and Practice

Distinguishing AI-generated code from human-written code is becoming crucial for tasks such as authorship attribution, content tracking, and misuse detection. Based on this, N-gram-based watermarking schemes have emerged as prominent, which inject secret watermarks to be detected during the...

7.1AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.6 views

Enabling Security on the Edge: a CHERI Compartmentalized Network Stack

The widespread deployment of embedded systems in critical infrastructures, interconnected edge devices like autonomous drones, and smart industrial systems requires robust security measures. Compromised systems increase the risks of operational failures, data breaches, and -- in safety-critical...

6.7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.5 views

Hybrid Approach to Directed Fuzzing

Program analysis and automated testing have recently become an essential part of SSDLC. Directed greybox fuzzing is one of the most popular automated testing methods that focuses on error detection in predefined code regions. However, it still lacks ability to overcome difficult program...

7.2AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.15 views

A Systematization of Security Vulnerabilities in Computer Use Agents

Computer Use Agents CUAs, autonomous systems that interact with software interfaces via browsers or virtual machines, are rapidly being deployed in consumer and enterprise environments. These agents introduce novel attack surfaces and trust boundaries that are not captured by traditional threat...

7.8AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.6 views

Beyond Training-Time Poisoning: Component-Level and Post-Training Backdoors in Deep Reinforcement Learning

Deep Reinforcement Learning DRL systems are increasingly used in safety-critical applications, yet their security remains severely underexplored. This work investigates backdoor attacks, which implant hidden triggers that cause malicious actions only when specific inputs appear in the observation...

7.1AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.7 views

IThermTroj: Exploiting Intermittent Thermal Trojans in Multi-Processor System-On-Chips

Thermal Trojan attacks present a pressing concern for the security and reliability of System-on-Chips SoCs, especially in mobile applications. The situation becomes more complicated when such attacks are more evasive and operate sporadically to stay hidden from detection mechanisms. In this paper...

6.8AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/07 12:0 a.m.6 views

AIDE 0.19.1

AIDE Advanced Intrusion Detection Environment is a free replacement for Tripwiretm. It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms ...

7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/06 12:0 a.m.4 views

README: Robust Error-Aware Digital Signature Framework Via Deep Watermarking Model

Deep learning-based watermarking has emerged as a promising solution for robust image authentication and protection. However, existing models are limited by low embedding capacity and vulnerability to bit-level errors, making them unsuitable for cryptographic applications such as digital...

7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/06 12:0 a.m.3 views

Nuclei 3.4.7

Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates. It empowers you to design custom vulnerability detection scenarios that mimic real-world conditions, leading to zero false positives...

6.9AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/06 12:0 a.m.8 views

Model Inversion Attacks on Llama 3: Extracting PII from Large Language Models

Large language models LLMs have transformed natural language processing, but their ability to memorize training data poses significant privacy risks. This paper investigates model inversion attacks on the Llama 3.2 model, a multilingual LLM developed by Meta. By querying the model with carefully...

6.7AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/06 12:0 a.m.4 views

Emergent Misalignment As Prompt Sensitivity: a Research Note

Betley et al. 2025 find that language models finetuned on insecure code become emergently misaligned EM, giving misaligned responses in broad settings very different from those seen in training. However, it remains unclear as to why emergent misalignment occurs. We evaluate insecure models across...

7.1AI score
Exploits0
packetstormnews
packetstormnews
added 2025/07/06 12:0 a.m.5 views

Attention Slipping: a Mechanistic Understanding of Jailbreak Attacks and Defenses in LLMs

As large language models LLMs become more integral to society and technology, ensuring their safety becomes essential. Jailbreak attacks exploit vulnerabilities to bypass safety guardrails, posing a significant threat. However, the mechanisms enabling these attacks are not well understood. In thi...

7.4AI score
Exploits0
Total number of security vulnerabilities6894