Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
WeLiveSecurity

DoNot Go! Do not respawn!

Donot Team (also known as APT-C-35 and SectorE02) is a threat actor operating since at least 2016 and known for targeting organizations and individuals in South Asia with Windows and Android malware.
GitHub

proc_creation_win_rundll32_susp_activity.yml

- https://twitter.com/nas_bench/status/1433344116071583746 # dfshim.dll,ShOpenVerbShortcut - https://twitter.com/eral4m/status/1479106975967240209 # scrobj.dll ...