Cybernews

New Shai-Hulud 3.0 variant discovered, closing out 2025 with a malware bang

A new strain of the Shai Hulud worm is discovered by researchers, signaling the self-propagating supply chain threat ...
SecurityWeek

RondoDox Botnet Exploiting React2Shell Vulnerability

December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.
The Hacker News

27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

Researchers uncovered 27 malicious npm packages used over five months to host phishing pages that steal credentials from ...
The Hacker News

DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide

A China-linked threat actor used malicious browser extensions over seven years to steal data and corporate intelligence from ...

Zoom Stealer browser extensions harvest corporate meeting intelligence

A newly discovered campaign, which researchers call Zoom Stealer, is affecting 2.2 million Chrome, Firefox, and Microsoft ...
Infosecurity Magazine

Five Key Flaws Exploited in 2025's Major Software Supply Chain Incidents

Infosecurity has selected five of the most significant vulnerability exploitation campaigns of 2025 that led to major ...
GitHub

A lightweight C# obfuscation tool for .NET applications.

(It was created for a proprietary project called Simorgh, a clone of Logicube Falcon device.) How does string encryption work? String literals in C# files are replaced with encrypted versions using ...
GitHub

Prompt Obfuscation for Large Language Models

This repository contains the source code and experimental framework for the paper "Prompt Obfuscation for Large Language Models". This artifact provides the tools to perform and evaluate two prompt ...