Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
Opinion

The A.I. Disruption We’ve Been Waiting for Has Arrived

We’re entering a new renaissance of software development. We should all be excited, despite the uncertainties that lie ahead.
SecurityWeek

Vulnerabilities in Popular PDF Platforms Allowed Account Takeover, Data Exfiltration

Vulnerabilities in PDF platforms from Foxit and Apryse could have been exploited for account takeover, data exfiltration, and other attacks.
GitHub

Debugger Anti-Detection Benchmark

WubbabooMark is aimed to detect traces of usage of software debuggers or special software designed to hide debugger presence from the debugee by tampering with various aspects of the program ...