Dark Reading

'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues

Chaotic Eclipse' released a PoC exploit for a zero-day flaw that allows for system takeover by a local user, citing an ...
Microsoft

Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk

A severe Android intent‑redirection vulnerability in a widely deployed SDK exposed sensitive user data across millions of ...
GitHub

Azure AI Content Understanding Samples (Python)

Welcome! This repository contains REST API tutorial samples that demonstrate how to use the Azure AI Content Understanding service directly via HTTP calls with thin Python convenience wrappers. These ...
GitHub

Azure Guest Attestation SDK

Azure Attestation SDK for Confidential VMs (Intel TDX, AMD SEV-SNP) and TrustedLaunch VMs on Azure, providing TPM 2.0 operations and TEE attestation capabilities. ├── Cargo.toml # Workspace root ├── ...
Bleeping Computer

AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code

The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. The payload can intercept cryptocurrency wallet addresses entered on ...
Ars Technica

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...