IEEE

GAME-RL: Generating Adversarial Malware Examples Against API Call Based Detection via Reinforcement Learning

Abstract: The adversarial example presents new security threats to trustworthy detection systems. In the context of evading dynamic detection based on API call sequences, a practical approach involves ...
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...
The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
Infosecurity-magazine.com

Fraud Investigation Reveals Sophisticated Python Malware

A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack involving obfuscation, disposable infrastructure and commercial offensive tools.
The Hacker News

Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging

Microsoft has disclosed details of a new version of the ClickFix social engineering tactic in which the attackers trick unsuspecting users into running commands that carry out a Domain Name System ...
Fox News

Android malware hidden in fake antivirus app

If you use an Android phone, this deserves your attention. Cybersecurity researchers warn that hackers are using Hugging Face, a popular platform for sharing artificial intelligence (AI) tools, to ...
Bleeping Computer

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks. The activity has been ongoing since at ...
Ars Technica

Once-hobbled Lumma Stealer is back with lures that are hard to resist

Last May, law enforcement authorities around the world scored a key win when they hobbled the infrastructure of Lumma, an infostealer that infected nearly 395,000 Windows computers over just a ...
Bleeping Computer

LummaStealer infections surge after CastleLoader malware campaigns

A surge in LummaStealer infections has been observed, driven by social engineering campaigns leveraging the ClickFix technique to deliver the CastleLoader malware. LummaStealer, also known as LummaC2, ...
Tom's Guide

A new spyware called ZeroDayRat can take over your iPhone or Android via text — here is how to stay safe

Samsung Phones Samsung Galaxy S26 just got a new tool to protect you from scam calls and texts — here's how it works iPhones iOS 26.4 beta 2 now lets iPhones send encrypted RCS messages to Android — ...
CSOonline

OpenClaw integrates VirusTotal malware scanning as security firms flag enterprise risks

The AI agent platform has added a Google-owned threat intelligence service to the ClawHub marketplace, following the discovery of 341 malicious skills and shadow IT deployments. OpenClaw, the viral ...