Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
WeLiveSecurity

PromptSpy ushers in the era of Android threats using GenAI

ESET researchers discover PromptSpy, the first known Android malware to abuse generative AI in its execution flow.