Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
IEEE

Effect of Obfuscation on Human Pose Estimation Models: Can We Balance Privacy and Accuracy?

Abstract: Human pose estimation (HPE) models based on RGB images are widely used in applications such as surveillance, sports analytics, and healthcare. However, they often overlook privacy ...

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...
GitHub

‍♂️ Loki Command & Control

Loki is a stage-1 command and control (C2) framework written in Node.js, built to script-jack vulnerable Electron apps MITRE ATT&CK T1218.015. Developed for red team operations, Loki enables evasion ...
The Hacker News

DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files

Threat hunters have disclosed details of a new, stealthy malware campaign dubbed DEAD#VAX that employs a mix of "disciplined tradecraft and clever abuse of legitimate system features" to bypass ...
IEEE

Encrypted-State Quantum Compilation Scheme Based on Quantum Circuit Obfuscation for Quantum Cloud Platforms

Abstract: With the rapid advancement of quantum computing, quantum compilation has become a crucial layer connecting high-level algorithms with physical hardware. In quantum cloud computing, ...