Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with running a seemingly benign GitHub repository could execute a malicious payload that is ...
The Hacker News

New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis

SentinelOne details Gaslight, a Rust-based macOS implant linked to North Korea-aligned actors that uses prompt injection to ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
SecurityWeek

CryptoBandits Malware Doubles as a Backdoor, Abuses Tor

The Windows-based CryptoBandits cryptocurrency clipper blends data exfiltration and remote code execution in a backdoor.
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
Nature

Detecting application layer DDoS attack using an advanced signature detection algorithm

We are providing an unedited version of this manuscript to give early access to its findings. Before final publication, the manuscript will undergo further editing. Please note there may be errors ...
IEEE

Lightweight DDoS Attack Detection Using Bayesian Space-Time Correlation

Abstract: DDoS attacks are still one of the primary sources of problems on the Internet and continue to cause significant financial losses for organizations. To mitigate their impact, detection should ...
IEEE

Online Network DoS/DDoS Detection: Sampling, Change Point Detection, and Machine Learning Methods

Abstract: Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks continue to pose significant threats to networked systems, causing disruptions that can lead to substantial financial ...