Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...
IEEE

An Enhanced Opaque Predicate Detection Method with Synthesis and Recursive Matching

Abstract: Program obfuscation transforms source code into a complex, harder-to-analyze form while preserving functionality, commonly used for intellectual property protection and security. Although it ...
Security Boulevard

DataDome Releases VM-Based Obfuscation: The Next Evolution in Client-Side Detection Security

In the ongoing arms race between fraudsters and security teams, client-side detection represents both a critical defense layer and an inherent vulnerability. DataDome’s detection logic, running ...
IEEE

Toward Private, Trusted, and Fine-Grained Inference Cloud Outsourcing with on-Device Obfuscation and Verification

Abstract: More and more AI-enabled applications are deployed on numerous devices, which rely on cloud platforms to provide complicated AI models and execution. The untrusted cloud environment raises ...