Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...
WinBuzzer

Leaked Code Reveals OpenAI’s Secret Government Surveillance Network

Researchers have exposed OpenAI's covert Persona watchlist, active since 2023, screening users for government agencies via 53 ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...
IEEE

RL-Optimized Lightweight Obfuscation Against Binary Code Similarity Detection

Abstract: Binary Code Similarity Detection (BCSD) identifies functions with similar functionality across binaries. Reverse engineers leverage BCSD techniques to locate critical functions in software, ...
GitHub

Iran DPI Bypass System - SMTP Tunnel with Multi-Layer Obfuscation

There was an error while loading. Please reload this page.
IEEE

Cortex: A Heterogeneous Graph Transformer Framework for Detecting Obfuscated Webshells

Abstract: Static webshell detection is increasingly challenged by sophisticated code obfuscation techniques that degrade the performance of existing models. To address this, we propose Cortex, a novel ...