digicat

CTI-REALM: Benchmark to Evaluate Agent Performance on Security Detection Rule Generation Capabilities (arxiv.org)

Network and Device Level Cyber Deception for Contested Environments Using RL and LLMs (arxiv.org)

Pwning AI Code Interpreters in AWS Bedrock AgentCore (www.beyondtrust.com)

RegPhantom Backdoor Threat Analysis (www.nextron-systems.com)

GhostLoader Malware: GitHub Repositories & AI Workflow Attacks Threat Labs - uses GitHub repositories and AI-assisted development workflows to deliver credential-stealing payloads on macOS. (www.jamf.com)

lolc2.github.io: lolC2 is a collection of C2 frameworks that leverage legitimate services to evade detection (github.com)

Advocate General Ćapeta: Member States may exclude Huawei hardware and software from 2G-4G and 5G telecommunications infrastructure on the basis that the manufacturer of that equipment poses a risk (curia.europa.eu)

TeamPCP deploys CanisterWorm on NPM following Trivy compromise (www.aikido.dev)

NIST SP 800-81r3 Final Publication | Secure Domain Name System (DNS) Deployment Guide | Final publication (csrc.nist.gov)

Android developer verification: Balancing openness and choice with safety (android-developers.googleblog.com)

Vishing and Microsoft Teams Used to Deliver PhantomBackdoor (www.catonetworks.com)

toast my way -abusing Windows toast notifications for fun and user manipulation (brmk.me)