The Hacker News

ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories

ThreatsDay Bulletin tracks active exploits, phishing waves, AI risks, major flaws, and cybercrime crackdowns shaping this week’s threat landscape.

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...
The Hacker News

Google Ties Suspected Russian Actor to CANFAIL Malware Attacks on Ukrainian Orgs

Suspected Russian actor deploys CANFAIL malware via phishing, targeting Ukrainian defense, energy, and aid sectors using LLM-assisted lures.
IEEE

DualGuard: Obfuscated Federated Learning With Two-Party Secure Robust Aggregation

Abstract: Federated learning (FL) is a promising privacy-preserving distributed machine learning paradigm. However, data privacy leakage and Byzantine clients are common challenges in the FL ...
IEEE

Cortex: A Heterogeneous Graph Transformer Framework for Detecting Obfuscated Webshells

Abstract: Static webshell detection is increasingly challenged by sophisticated code obfuscation techniques that degrade the performance of existing models. To address this, we propose Cortex, a novel ...
Que.com on MSN

China-linked hackers deploy PeckBirdy JavaScript C2 framework since 2023

Since 2023, multiple security investigations have highlighted a growing trend in which China-linked threat actors increasingly rely on lightweight, stealthy ...
GitHub

Header-only compile-time variables obfuscation library for C++20 and later.

The screenshots show only a small portion of the int main() function. In reality, the function can grow to around 250 lines depending on the compiler. Wide String Operations (Low) 31.8 ns 31.4 ns 47.5 ...