SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
IEEE

Encryption-Decryption-Based State Estimation With Multirate Measurements Against Eavesdroppers: A Recursive Minimum-Variance Approach

Abstract: This article is concerned with the secure state estimation problem for a networked system with multirate measurements. The measurement data are transmitted to the estimator over a ...
The Hacker News

ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...

For the 2nd time in weeks, Microsoft packages laced with credential stealer

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI ...
IEEE

A Lightweight Image Encryption Algorithm Based on Secure Key Generation

Abstract: Data confidentiality and security are important issues due to the sensitivity of the data and its relationship with users’ privacy. Sensitive data includes images and texts that can be ...
Meduza

Russia’s federal censor denies blocking Python’s package index as developers scramble for workarounds

On Monday, Russian users found they could no longer reach PyPI, the package repository that Python developers rely on for ...