The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...
Techzine Europe

Cloudflare builds AI-driven alternative to Next.js

Cloudflare has quickly developed an experimental alternative to Next.js, largely powered by generative AI. The project, ...

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...
腾讯网

SafeGear Check:采用基于Nicla Vision的AI方案检测个人防护装备

图源:Ahmad Soleh/Stock.adobe.com;图片由AI生成 图源:Ahmad Soleh/Stock.adobe.com;图片由AI生成 美国劳工部职业安全与健康管理局(OSHA)的一项研究表明,70%遭受严重手部伤害的工人在事发时没有佩戴手套[1]。这是个人防护装备(PPE)能够预防工伤的典型案例之一。 本项目将构建一个名为SafeGear Check的安全装备检测系统,该系统 ...

实时交互型钓鱼套件驱动的语音钓鱼攻击机制与防御研究

这种“实时交互型”攻击模式的核心优势在于其极高的灵活性和欺骗性。攻击者可以利用社交工程话术解释页面上的异常行为,消除受害者的疑虑;同时,通过实时中继技术,攻击者能够在受害者输入验证码的瞬间,将其转发至真实的目标系统进行验证,从而成功通过MFA检查并窃 ...

Enabling Linux in Safety Applications (ELISA) Project Expands Premier Membership with NVIDIA

NVIDIA joins existing premier members Boeing and Redhat.