Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...
Pocket Tactics

Clash Royale codes for February 2026

February 21, 2026: We added a new Clash Royale code to our list, offering a Jojo Musketeer banner set. There are currently active codes for in-game emotes and decoration items. Looking for some Clash ...
IEEE

Obfuscated Code Quality Measurement

Abstract: Nowadays, number of cyber-attacks aimed at software increases. Thus, improving the quality of software security services becomes acute. Confidentiality is one of the basic security services.
IEEE

Toward Efficient Deobfuscation via Large Language Models

Abstract: Obfuscation modifies code structure to impede reverse engineering and is widely used to protect intellectual property and evade malware detection. However, existing deobfuscation techniques ...
The Hacker News

DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files

Threat hunters have disclosed details of a new, stealthy malware campaign dubbed DEAD#VAX that employs a mix of "disciplined tradecraft and clever abuse of legitimate system features" to bypass ...
Pocket Tactics

Knockout codes February 2026

February 22, 2026: We added two new Knockout codes to our list for 500 ice and five spins! We also removed some expired codes It's not easy being the last penguin standing, as you well know, but our ...