IEEE

Generation and Detection of Face Morphing Attacks

Abstract: Failure of facial recognition and authentication system may lead to several unlawful activities. The current facial recognition systems are vulnerable to different biometric attacks. This ...
Security Boulevard

When AI Agents Become Bots: A Field Report from the Authentication Layer

Security vendors and their customers have spent considerable time debating where to draw the line between “legitimate” AI agents and “malicious” bots. A 31-day campaign against a major consumer ...
Vator

Top AI news of the week #54: Advsr AI Spotlight

Advsr AI Spotlight Highlighting notable AI moves at the intersection of strategic operating companies and emerging startups.
Microsoft

Microsoft Research

Microsoft Research conducts fundamental science and technology research across a spectrum of research areas. With labs around the globe we pursue breakthroughs across the computing and AI stack to ...

Security News This Week: Crypto-Funded Chinese Peptide Labs Are Booming

Plus: Hackers use Meta’s AI bots to hack Instagram accounts, Anthropic helps NSA hackers, a decades-long GPS satellite ...
GitHub

face-detection

Object Detection toolkit based on PaddlePaddle. It supports object detection, instance segmentation, multiple object tracking and real-time multi-person keypoint detection.
CSOonline

FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses

A widely active phishing-as-a-service (PhaaS) operation known as FlowerStorm has begun using a browser-based virtual machine to conceal credential theft code, marking what researchers say is an ...
VentureBeat

Anthropic Skill scanners passed every check. The malicious code rode in on a test file.

Picture this scenario: An Anthropic Skill scanner runs a full analysis of a Skill pulled from ClawHub or skills.sh. Its markdown instructions are clean, and no prompt injection is detected. No shell ...
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible ...
Wired

Security News This Week: Moltbook, the Social Network for AI Agents, Exposed Real Humans ...

An analysis by WIRED this week found that ICE and CBP’s face recognition app Mobile Fortify, which is being used to identify people across the United States, isn’t actually designed to verify who ...
Security Boulevard

Threat hunting to detection engineering: Analyzing real malware with Claude Code ...

Claude Code, originally just auto-complete on steroids for IDEs, shows a lot of promise for becoming a major tool in the DFIR/detection engineering/security analyst’s toolbox. Whether it’s Claude Code ...
The Hacker News

Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly

Google on Wednesday said it discovered an unknown threat actor using an experimental Visual Basic Script (VB Script) malware dubbed PROMPTFLUX that interacts with its Gemini artificial intelligence ...