AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Sweden probes reported leak of e-government platform source code

Hackers claimed to have leaked the source code of the Swedish e-government services platform, creating widespread concerns of more incoming exploits through unpatched vulnerabilities.
The Hacker News

Investigating a New Click-Fix Variant

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.
Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...
IEEE

Automated Web Application Hacking Framework

Abstract: Bug bounty programs are now trending in the field of cyber security. For independent bug hunters, it offers benefits to discover and report vulnerabilities in software systems. When a ...
IEEE

Cross-Language Code Development with Generative AI: A Source-to-Source Translation Perspective

Abstract: Since the release of ChatGPT in November 2022, there is growing interest around the world on exploring the capabilities of generative AI tools. In addition to text, image, audio, and video ...
NDTV

Claude Code Security: How Anthropic Is Using AI To Find Software Flaws

US-based AI company Anthropic has launched Claude Code Security, a new feature inside its web-based Claude Code platform. The capability is now available in a limited research preview for Enterprise ...