Lucene search
+L
PacketstormnewsRecent

6894 matches found

packetstormnews
packetstormnews
•added 2025/07/01 12:0 a.m.•11 views

HexaMorphHash HMH - Homomorphic Hashing for Secure and Efficient Cryptographic Operations in Data Integrity Verification

In the realm of big data and cloud computing, distributed systems are tasked with proficiently managing, storing, and validating extensive datasets across numerous nodes, all while maintaining robust data integrity. Conventional hashing methods, though straightforward, encounter substan tial...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/01 12:0 a.m.•5 views

Falco 0.41.3

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/01 12:0 a.m.•5 views

iOS Activation Flaw Enables Pre-User Device Compromise

A critical vulnerability exists in Apple’s iOS activation pipeline that allows remote XML payload injection before the user ever interacts with the device...

7.3AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/01 12:0 a.m.•5 views

TestSSL 3.2.1

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in pure bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets...

7.2AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/01 12:0 a.m.•4 views

WordPress Custom Login and Signup Widget 1.0 Remote Code Execution

WordPress Custom Login and Signup Widget plugin versions 1.0 and below suffer from a remote code execution vulnerability...

9.1CVSS7.9AI score0.02122EPSS
Exploits0
packetstormnews
packetstormnews
•added 2025/07/01 12:0 a.m.•12 views

WordPress Opal Estate Pro 1.7.5 Privilege Escalation

WordPress Opal Estate Pro plugin versions 1.7.5 and below suffers from a privilege escalation vulnerability...

9.8CVSS6.8AI score0.22334EPSS
Exploits12
packetstormnews
packetstormnews
•added 2025/07/01 12:0 a.m.•19 views

Packet Storm New Exploits for June, 2025

This archive contains all of the 126 exploits added to Packet Storm in June, 2025...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/01 12:0 a.m.•3 views

The Age of Sensorial Zero Trust: Why We Can No Longer Trust Our Senses

In a world where deepfakes and cloned voices are emerging as sophisticated attack vectors, organizations require a new security mindset: Sensorial Zero Trust. This article presents a scientific analysis of the need to systematically doubt information perceived through the senses, establishing...

6.6AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/07/01 12:0 a.m.•5 views

TestSSL 3.0.10

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in pure bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets...

7.2AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/30 12:0 a.m.•3 views

CISA: Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest

CISA, the Federal Bureau of Investigation FBI, the Department of Defense Cyber Crime Center DC3, and the National Security Agency NSA published Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest. This joint fact sheet details the need for increased vigilance for...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/30 12:0 a.m.•4 views

ZigStrike 2.0

ZigStrike is a robust shellcode loader developed in Zig, offering a variety of injection techniques and anti-sandbox features. It leverages compile-time capabilities for efficient shellcode allocation, demonstrating proven success in bypassing advanced security solutions. ZigStrike includes a...

7.2AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/30 12:0 a.m.•5 views

WATCHDOG: an Ontology-AWare Risk AssessmenT ApproaCH Via Object-Oriented DisruptiOn Graphs

When considering risky events or actions, we must not downplay the role of involved objects: a charged battery in our phone averts the risk of being stranded in the desert after a flat tyre, and a functional firewall mitigates the risk of a hacker intruding the network. The Common Ontology of Val...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/30 12:0 a.m.•4 views

SkyEye: When Your Vision Reaches beyond IAM Boundary Scope in AWS Cloud

In recent years, cloud security has emerged as a primary concern for enterprises due to the increasing trend of migrating internal infrastructure and applications to cloud environments. This shift is driven by the desire to reduce the high costs and maintenance fees associated with traditional...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/30 12:0 a.m.•5 views

American Fuzzy Lop plus plus 4.33c

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/30 12:0 a.m.•3 views

Nuclei 3.4.5

Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates. It empowers you to design custom vulnerability detection scenarios that mimic real-world conditions, leading to zero false positives...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/29 12:0 a.m.•5 views

Linear Stability Analysis for a System of Singular Amplitude Equations Arising in Biomorphology

We study linear stability of exponential periodic solutions of a system of singular amplitude equations associated with convective Turing bifurcation in the presence of conservation laws, as arises in modern biomorphology models, binary fluids, and elsewhere. Consisting of a complex Ginzburg-Land...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/27 12:0 a.m.•6 views

Consumer Beware! Exploring Data Brokers' CCPA Compliance

Data brokers collect and sell the personal information of millions of individuals, often without their knowledge or consent. The California Consumer Privacy Act CCPA grants consumers the legal right to request access to, or deletion of, their data. To facilitate these requests, California maintai...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/27 12:0 a.m.•7 views

Under the Hood of BlotchyQuasar: DLL-Based RAT Campaigns against Latin America

A sophisticated malspam campaign was recently uncovered targeting Latin American countries, with a particular focus on Brazil. This operation utilizes a highly deceptive phishing email to trick users into executing a malicious MSI file, initiating a multi-stage infection. The core of the attack...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/27 12:0 a.m.•10 views

Vite Arbitrary File Read

Vite suffers from an arbitrary file read vulnerability. Versions prior to 6.2.3, 6.1.2, 6.0.12, 5.4.15, and 4.5.10 are affected...

5.3CVSS5.3AI score0.74998EPSS
Exploits28
packetstormnews
packetstormnews
•added 2025/06/27 12:0 a.m.•5 views

Reconstructing Intelligible Speech from the Pressure Sensor Data in HVACs

Pressure sensors are an integrated component of modern Heating, Ventilation, and Air Conditioning HVAC systems. As these pressure sensors operate within the 0-10 Pa range, support high sampling frequencies of 0.5-2 kHz, and are often placed close to human proximity, they can be used to eavesdrop ...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/27 12:0 a.m.•4 views

Mobius Forensic Toolkit 2.16

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/27 12:0 a.m.•4 views

ARMOR: Robust Reinforcement Learning-Based Control for UAVs under Physical Attacks

Unmanned Aerial Vehicles UAVs depend on onboard sensors for perception, navigation, and control. However, these sensors are susceptible to physical attacks, such as GPS spoofing, that can corrupt state estimates and lead to unsafe behavior. While reinforcement learning RL offers adaptive control...

6.6AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/27 12:0 a.m.•4 views

Advancing Jailbreak Strategies: a Hybrid Approach to Exploiting LLM Vulnerabilities and Bypassing Modern Defenses

The advancement of Pre-Trained Language Models PTLMs and Large Language Models LLMs has led to their widespread adoption across diverse applications. Despite their success, these models remain vulnerable to attacks that exploit their inherent weaknesses to bypass safety measures. Two primary...

7.5AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/27 12:0 a.m.•3 views

Reliability Analysis of Smart Contract Execution Architectures: a Comparative Simulation Study

The industrial market continuously needs reliable solutions to secure autonomous systems. Especially as these systems become more complex and interconnected, reliable security solutions are becoming increasingly important. One promising solution to tackle this challenge is using smart contracts...

7.3AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/27 12:0 a.m.•5 views

Fairness and Bias in Algorithmic Hiring: a Multidisciplinary Survey

Employers are adopting algorithmic hiring technology throughout the recruitment pipeline. Algorithmic fairness is especially applicable in this domain due to its high stakes and structural inequalities. Unfortunately, most work in this space provides partial treatment, often constrained by two...

6.7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/27 12:0 a.m.•4 views

Pseudo-Equilibria, Or: How to Stop Worrying about Crypto and Just Analyze the Game

Whitepaper called Pseudo-Equilibria, Or: How To Stop Worrying About Crypto And Just Analyze The Game...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/27 12:0 a.m.•6 views

One Video to Steal Them All: 3D-Printing IP Theft through Optical Side-Channels

The 3D printing industry is rapidly growing and increasingly adopted across various sectors including manufacturing, healthcare, and defense. However, the operational setup often involves hazardous environments, necessitating remote monitoring through cameras and other sensors, which opens the do...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/27 12:0 a.m.•3 views

Unifying Communication Paradigms in Delegated Quantum Computing

Delegated quantum computing DQC allows clients with low quantum capabilities to outsource computations to a server hosting a quantum computer. This process is typically envisioned within the measurement-based quantum computing framework, as it naturally facilitates blindness of inputs and...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/26 12:0 a.m.•4 views

CyGym: a Simulation-Based Game-Theoretic Analysis Framework for Cybersecurity

We introduce a novel cybersecurity encounter simulator between a network defender and an attacker designed to facilitate game-theoretic modeling and analysis while maintaining many significant features of real cyber defense. Our simulator, built within the OpenAI Gym framework, incorporates...

7.1AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/26 12:0 a.m.•3 views

Inside Job: Defending Kubernetes Clusters against Network Misconfigurations

Kubernetes has emerged as the de facto standard for container orchestration. Unfortunately, its increasing popularity has also made it an attractive target for malicious actors. Despite extensive research on securing Kubernetes, little attention has been paid to the impact of network configuratio...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/26 12:0 a.m.•13 views

WordPress Simple User Registration 6.3 Privilege Escalation

WordPress Simple User Registration plugin versions 6.3 and below suffer from an unauthenticated privilege escalation vulnerability. This is due to insufficient restrictions on user meta values that can be supplied during registration. This makes it possible for unauthenticated attackers to regist...

9.8CVSS6.7AI score0.02055EPSS
Exploits5
packetstormnews
packetstormnews
•added 2025/06/26 12:0 a.m.•5 views

PhishKey: a Novel Centroid-Based Approach for Enhanced Phishing Detection Using Adaptive HTML Component Extraction

Phishing attacks pose a significant cybersecurity threat, evolving rapidly to bypass detection mechanisms and exploit human vulnerabilities. This paper introduces PhishKey to address the challenges of adaptability, robustness, and efficiency. PhishKey is a novel phishing detection method using...

7.3AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/26 12:0 a.m.•4 views

TEMPEST-LoRa: Cross-Technology Covert Communication

Electromagnetic EM covert channels pose significant threats to computer and communications security in air-gapped networks. Previous works exploit EM radiation from various components e.g., video cables, memory buses, CPUs to secretly send sensitive information. These approaches typically require...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/26 12:0 a.m.•17 views

Boosting Generative Adversarial Transferability with Self-Supervised Vision Transformer Features

The ability of deep neural networks DNNs come from extracting and interpreting features from the data provided. By exploiting intermediate features in DNNs instead of relying on hard labels, we craft adversarial perturbation that generalize more effectively, boosting black-box transferability...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/26 12:0 a.m.•5 views

Practical and Accurate Local Edge Differentially Private Graph Algorithms

Whitepaper called Practical And Accurate Local Edge Differentially Private Graph Algorithms...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/26 12:0 a.m.•4 views

Balancing Privacy and Utility in Correlated Data: a Study of Bayesian Differential Privacy

Privacy risks in differentially private DP systems increase significantly when data is correlated, as standard DP metrics often underestimate the resulting privacy leakage, leaving sensitive information vulnerable. Given the ubiquity of dependencies in real-world databases, this oversight poses a...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/26 12:0 a.m.•4 views

IDGraphs: Intrusion Detection and Analysis Using Stream Compositing

Traffic anomalies and attacks are commonplace in today's networks and identifying them rapidly and accurately is critical for large network operators. For a statistical intrusion detection system IDS, it is crucial to detect at the flow-level for accurate detection and mitigation. However, existi...

6.9AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/26 12:0 a.m.•6 views

httpx 1.7.0 Denial of Service / Out-Of-Bounds Read

httpx version 1.7.0 suffers from an out-of-bounds read in trimTitleTags due to a missing bounds check when slicing the title string...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/26 12:0 a.m.•12 views

On the Feasibility of Poisoning Text-To-Image AI Models Via Adversarial Mislabeling

Today's text-to-image generative models are trained on millions of images sourced from the Internet, each paired with a detailed caption produced by Vision-Language Models VLMs. This part of the training pipeline is critical for supplying the models with large volumes of high-quality image-captio...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/26 12:0 a.m.•4 views

Memory Safe Languages: Reducing Vulnerabilities in Modern Software Development

This report, released by NSA and CISA, acknowledges the challenges and aims to provide a balanced view of the state of MSLs. Reducing memory safety vulnerabilities requires understanding when MSLs are appropriate, knowing how to adopt them effectively, and recognizing where non-MSLs remain...

7.3AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/26 12:0 a.m.•19 views

Adversarial Threats in Quantum Machine Learning: a Survey of Attacks and Defenses

Quantum Machine Learning QML integrates quantum computing with classical machine learning, primarily to solve classification, regression and generative tasks. However, its rapid development raises critical security challenges in the Noisy Intermediate-Scale Quantum NISQ era. This chapter examines...

7.1AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/26 12:0 a.m.•4 views

The Discovery, Disclosure, and Investigation of CVE-2024-25825

CVE-2024-25825 is a vulnerability found in FydeOS. This thesis describes its discovery, disclosure, and its further investigation in connection to a nation state actor. The vulnerability is CWE-1392: Use of Default Credentials, CWE-1393: Use of Default Password, and CWE-258: Empty Password in...

9.8CVSS7AI score0.00533EPSS
Exploits0
packetstormnews
packetstormnews
•added 2025/06/25 12:0 a.m.•7 views

SIMulator: SIM Tracing on a (Pico-)Budget

SIM tracing -- the ability to inspect, modify, and relay communication between a SIM card and modem -- has become a significant technique in cellular network research. It enables essential security- and development-related applications such as fuzzing communication interfaces, extracting session...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/25 12:0 a.m.•3 views

SPA: Towards More Stealth and Persistent Backdoor Attacks in Federated Learning

Federated Learning FL has emerged as a leading paradigm for privacy-preserving distributed machine learning, yet the distributed nature of FL introduces unique security challenges, notably the threat of backdoor attacks. Existing backdoor strategies predominantly rely on end-to-end label...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/25 12:0 a.m.•3 views

Communication-Efficient Publication of Sparse Vectors under Differential Privacy

Whitepaper called Communication-Efficient Publication Of Sparse Vectors Under Differential Privacy...

7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/25 12:0 a.m.•8 views

JsDeObsBench: Measuring and Benchmarking LLMs for JavaScript Deobfuscation

Deobfuscating JavaScript JS code poses a significant challenge in web security, particularly as obfuscation techniques are frequently used to conceal malicious activities within scripts. While Large Language Models LLMs have recently shown promise in automating the deobfuscation process,...

7.2AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/25 12:0 a.m.•4 views

Empowering Digital Agriculture: a Privacy-Preserving Framework for Data Sharing and Collaborative Research

Data-driven agriculture, which integrates technology and data into agricultural practices, has the potential to improve crop yield, disease resilience, and long-term soil health. However, privacy concerns, such as adverse pricing, discrimination, and resource manipulation, deter farmers from...

6.8AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/25 12:0 a.m.•3 views

CodeGuard: a Generalized and Stealthy Backdoor Watermarking for Generative Code Models

Generative code models GCMs significantly enhance development efficiency through automated code generation and code summarization. However, building and training these models require computational resources and time, necessitating effective digital copyright protection to prevent unauthorized lea...

7.1AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/25 12:0 a.m.•6 views

Poster: Enhancing GNN Robustness for Network Intrusion Detection Via Agent-Based Analysis

Graph Neural Networks GNNs show great promise for Network Intrusion Detection Systems NIDS, particularly in IoT environments, but suffer performance degradation due to distribution drift and lack robustness against realistic adversarial attacks. Current robustness evaluations often rely on...

6.7AI score
Exploits0
packetstormnews
packetstormnews
•added 2025/06/25 12:0 a.m.•5 views

Rational Miner Behaviour, Protocol Stability, and Time Preference: an Austrian and Game-Theoretic Analysis of Bitcoin'S Incentive Environment

This paper integrates Austrian capital theory with repeated game theory to examine strategic miner behaviour under different institutional conditions in blockchain systems. It shows that when protocol rules are mutable, effective time preference rises, undermining rational long-term planning and...

6.8AI score
Exploits0
Total number of security vulnerabilities6894