Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...
SecurityWeek

Vulnerabilities in Popular PDF Platforms Allowed Account Takeover, Data Exfiltration

Vulnerabilities in PDF platforms from Foxit and Apryse could have been exploited for account takeover, data exfiltration, and other attacks.
SecurityWeek

Over 300 Malicious Chrome Extensions Caught Leaking or Stealing User Data

More than 300 Chrome extensions were found to be leaking browser data, spying on users, or stealing user information.
eWeek

Fake AI Chrome Extensions Exposed 260,000 Users, Targeting Gmail

Over 260,000 users installed fake AI Chrome extensions that used iframe injection to steal browser and Gmail data, exposing ...
IEEE

Fine-grained Manipulation Attacks to Local Differential Privacy Protocols for Data Streams

Abstract: Local Differential Privacy (LDP) enables massive data collection and analysis while protecting end users' privacy against untrusted aggregators. It has been ...

Security concerns and skepticism are bursting the bubble of Moltbook, the viral AI social forum

Moltbook, a so-called social network built exclusively for AI agents, has generated buzz in the technology world and posts ...
IEEE

EMMA: Scaling Mobile Manipulation via Egocentric Human Data

Abstract: Scaling mobile manipulation imitation learning is bottlenecked by expensive mobile robot teleoperation. We present Egocentric Mobile MAnipulation (EMMA), an end-to-end framework training ...
dlnews

Korean regulators open probe into ZKsync price ‘manipulation’ after 970% surge on Upbit

Traders could face prison time if found guilty of price manipulation. Financial Security Service says a formal investigation may follow. Prices spiked dramatically on February 1 ahead of Upbit ...