Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
Security Boulevard

There’s Always Something: Secrets Detection at Engagement Scale with Titus

TL;DR: Titus is an open source secret scanner from Praetorian that detects and validates leaked credentials across source code, binary files, and HTTP traffic. It ships with 450+ detection rules and ...
IEEE

Scanner-Hunter: An Effective ICS Scanning Group Identification System

Abstract: As the precursor of cyber-attacks, the campaigns of scanning groups are able to reflect the attack target and attack trend to a great extent, which provide highly valuable threat ...

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder's research team built a new secrets detection method and scanned 5 ...
The Washington Post

Inside an AI start-up’s plan to scan and dispose of millions of books

In early 2024, executives at artificial intelligence start-up Anthropic ramped up an ambitious project they sought to keep quiet. “Project Panama is our effort to destructively scan all the books in ...