Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
The Hacker News

CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks

Interlock exploits CVE-2026-20131 zero-day since Jan 26, enabling root access on Cisco FMC, increasing ransomware risks.
cybernews

Threat actors linked to Russia target Ukrainian entities with new backdoor

A new campaign targeting Ukrainian entities and attributed to actors linked to Russia employs various judicial- and charity-themed lures to deploy a JavaScript‑based backdoor that runs in the Edge ...
IEEE

Feistel-PUF: Sequential Obfuscation-Based Machine Learning Attack-Resistant Physical Unclonable Function for IoT Device Security Authentication

Abstract: Device authentication protocols based on a strong physical unclonable function (PUF) show promise for enhancing Internet of Things (IoT) security. However, a strong PUF is vulnerable ...

ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be ...
IEEE

A Parallel Feedback Obfuscation Strong PUF Against Machine-Learning Modeling Attacks and Lightweight Authentication Protocol

Abstract: Arbiter physical unclonable function (APUF) is a hardware security primitive that generates security keys by utilizing unavoidable process variations during chip manufacturing. However, the ...