JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...
A new coordinated cross-ecosystem software supply chain attack campaign has targeted npm, PyPI, and Crates.io to distribute credential-stealing malware. The campaign, codenamed TrapDoor, spans more ...
The popular Telnyx Python SDK is the latest victim of TeamPCP’s weeks-long supply chain campaign targeting the broad open source software ecosystem. The campaign started on March 19 with Aqua Security ...
Introduction: In December 2025, Zscaler ThreatLabz identified a new command-and-control (C2) framework implant that we track as SnappyClient, which was delivered using HijackLoader. SnappyClient has an ...
Two popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. These bugs potentially affect thousands of ...
An investigation into what appeared at first glance to be a “standard” Python-based infostealer campaign took an interesting turn when it was discovered to culminate in the deployment of a ...
Abstract: Wireless Sensor Networks (WSNs) require secure data transmission under strict resource constraints. This paper proposes LWC-WSN, a lightweight symmetric encryption scheme tailored for ...
xor-cipher is a fast implementation of the XOR cipher written using Rust. Our tests show that it can be 1000x faster than pure Python implementations. It has been optimized to breeze through datasets ...
In the digital age, images permeate every facet of our lives, often carrying critical information for organizations, institutions, and even nation-states. Ensuring their security against unauthorized ...