Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
SecurityWeek

‘Arkanix Stealer’ Malware Disappears Shortly After Debut

The Arkanix Stealer malware can collect and exfiltrate system information, browser data, VPN information, and arbitrary files ...
InfoWorld

New npm worm hits CI pipelines and AI coding tools

Researchers warn malicious packages can harvest secrets, weaponize CI systems, and spread across projects while carrying a dormant wipe mechanism.
IEEE

HawkSec: an AI Transformer Solution to Malware Detection in C/C++ Source Codes

Abstract: The increasing prevalence of sophisticated malware targeting software applications requires robust detection mechanisms, particularly for C/C++ codebases that underpin critical systems. This ...
Security Boulevard

Attacker Breached 600 FortiGate Appliances in AI-Assisted Campaign: Amazon

A bad actor used AI tools to compromise more than 600 FortiGate appliances around the world in five weeks, Amazon says, the latest example of how hackers are increasing are using the technology to ...
IEEE

HyperMD: A Multi-Modal Malware Detection Method Using Performance Counters and Process Memory on Xen Platform

Abstract: Traditional malware detection techniques often struggle against the sophisticated obfuscation methods employed by modern malware. To address this challenge, this paper proposes HyperMD, a ...