Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...
DataBreachToday

Bing AI Pushed Malware Posing as OpenClaw

Fake OpenClaw installers on GitHub deployed credential stealers and a proxy tool linked to the Black Basta ransomware group, while Bing's AI served the malicious ...
The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.

14,000 routers are infected by malware that’s highly resistant to takedowns

Researchers say they have uncovered a takedown-resistant botnet of 14,000 routers and other network devices—primarily made by Asus—that have been conscripted into a proxy network that anonymously ...

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
Bleeping Computer

New KadNap botnet hijacks ASUS routers to fuel cybercrime proxy network

A newly discovered botnet malware called KadNap is targeting ASUS routers and other edge networking devices to turn them into proxies for malicious traffic. Since August 2025, KadNap has grown to ...
IEEE

PAEWS: Public-Key Authenticated Encryption With Wildcard Search Over Outsourced Encrypted Data

Abstract: Public-key Encryption with Keyword Search (PEKS) is a promising cryptographic mechanism that enables a semi-trusted cloud server to perform (on-demand) keyword searches over encrypted data ...