Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
SecurityWeek

‘Arkanix Stealer’ Malware Disappears Shortly After Debut

The Arkanix Stealer malware can collect and exfiltrate system information, browser data, VPN information, and arbitrary files ...
IEEE

Hybrid Approach for Zero-Day Malware Detection Using Deep Features and Support Vector Machines

Abstract: Because zero-day malware bypasses traditional signature-based detection methods, it poses a significant threat. The paper investigates a deep learning approach to classifying zero-day ...
InfoWorld

New npm worm hits CI pipelines and AI coding tools

Researchers warn malicious packages can harvest secrets, weaponize CI systems, and spread across projects while carrying a dormant wipe mechanism.
IEEE

HawkSec: an AI Transformer Solution to Malware Detection in C/C++ Source Codes

Abstract: The increasing prevalence of sophisticated malware targeting software applications requires robust detection mechanisms, particularly for C/C++ codebases that underpin critical systems. This ...
Security Boulevard

Attacker Breached 600 FortiGate Appliances in AI-Assisted Campaign: Amazon

A bad actor used AI tools to compromise more than 600 FortiGate appliances around the world in five weeks, Amazon says, the latest example of how hackers are increasing are using the technology to ...