Malicious AI extensions on VSCode Marketplace steal developer data

Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.
The Hacker News

New Osiris Ransomware Emerges as New Strain Using POORTRY Driver in BYOVD Attack

Experts uncovered a new Osiris ransomware strain that used a custom POORTRY driver in a BYOVD attack to disable security tools & steal data in 2025.

Skeleton Key attack shows how hackers are bypassing malware defenses using legitimate software

Attackers are increasingly bypassing traditional malware defenses by weaponizing legitimate remote monitoring and management ...

Chainlit AI framework bugs let hackers breach cloud environments

Two high-severity vulnerabilities in Chainlit, a popular open-source framework for building conversational AI applications, ...
CSO Online

Flaws in Chainlit AI dev framework expose servers to compromise

Security researchers uncovered two vulnerabilities in the popular Python-based AI app building tool that could allow ...
IEEE

SecPack: Secure Data Access for Encrypted Key-Value Stores Using Data-Packing

Abstract: With the explosive growth of data, many users are outsourcing their local private data to cloud servers for encrypted key-value storage. However, recent research indicates that even if data ...
GitHub

Hybrid Public Key Encryption

See the guidelines for contributions. Contributions can be made by creating pull requests. The GitHub interface supports creating pull requests using the Edit ( ) button.
AZ Central

ANY.RUN Releases Malware Trends Report for Q4 2025, Highlighting Key Threat Landscape Shifts

DUBAI, DUBAI, UNITED ARAB EMIRATES, January 7, 2026 /EINPresswire.com/ — ANY.RUN, a leading provider of interactive malware analysis and threat intelligence ...