Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing supply chain attack that could have wide-ranging consequences for developers ...
Hackaday

This Week In Security: Linux Flaws, Python Ownage, And A Botnet Shutdown

Qualys reports the discovery by their threat research unit of vulnerabilities in the Linux AppArmor system used by SUSE, Debian, Ubuntu, and ...
The Hacker News

54 EDR Killers Use BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Security

EDR killers exploit 34 vulnerable drivers via BYOVD, gaining kernel access to disable defenses, increasing ransomware success rates.
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...
IEEE

Malware Classification of Encrypted Network Traffic (2020–2025): A Comprehensive Review and Comparative Analysis

Abstract: With the near-ubiquitous adoption of QUIC/HTTP-3, TLS 1.3 and DNS-over-HTTPS (DoH), malware increasingly hides within Encrypted Network Traffic (ENT), challenging payload-centric intrusion ...
The Hacker News

⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More

Security news rarely moves in a straight line. This week, it feels more like a series of sharp turns, some happening quietly in the background, others playing out in public view. The details are ...
Forbes

AI Polymorphic Threats Are Forcing A Rethink Of Cybersecurity

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. * Packed and polymorphic malware have grown by about 26%, which is indicative of the ...
Bleeping Computer

FBI: Over $20 million stolen in surge of ATM malware attacks in 2025

The FBI warned that Americans lost more than $20 million last year amid a massive surge in ATM "jackpotting" attacks, in which criminals use malware to force cash machines to dispense money. According ...
IEEE

Optimal Packing for Encrypted and Compressed Key-Value Stores With Pattern-Analysis Security

Abstract: Rising concerns about data privacy and volume have driven the development of encrypted and compressed key-value (KV) storage systems. To defend against pattern-analysis attacks, the length ...