MAL-2026-4706 Malicious code in vite-plugin-css-blend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a47fa75fbd028d1aca89ca790036f760c76d8e486175505ef4a8f59f33e7c76 The package is published as a Vite CSS plugin but exposes no Vite plugin API. Its documented applyGlobalStylespalette, accents export, when called on...

Blind Spots in the Guard: How Domain-Camouflaged Injection Attacks Evade Detection in Multi-Agent LLM Systems

Injection detectors deployed to protect LLM agents are calibrated on static, template-based payloads that announce themselves as override directives. We identify a systematic blind spot: when payloads are generated to mimic the domain vocabulary and authority structures of the target document, wh...

Still Camouflage, Moving Illusion: View-Induced Trajectory Manipulation in Autonomous Driving

Existing physical adversarial attacks on vision-based autonomous driving induce time-evolving perception errors, including biased object tracking or trajectory prediction, through i sophisticated physical patch inducing detection box drift when entering the view distance, or ii dynamically changi...

Secret Stealing Attacks on Local LLM Fine-Tuning through Supply-Chain Model Code Backdoors

Local fine-tuning datasets routinely contain sensitive secrets such as API keys, personal identifiers, and financial records. Although ''local offline fine-tuning'' is often viewed as a privacy boundary, we reveal that compromised model code is sufficient to steal them. Current passive...

Friday Squid Blogging: Squid Camouflage

New research: Abstract: Coleoid cephalopods have the most elaborate camouflage system in the animal kingdom. This enables them to hide from or deceive both predators and prey. Most studies have focused on benthic species of octopus and cuttlefish, while studies on squid focused mainly on the...

EUVD-2013-0191

Malware in sbrugna...

Web Fraud Attacks against LLM-Driven Multi-Agent Systems

With the proliferation of applications built upon LLM-driven multi-agent systems MAS, the security of Web links has become a critical concern in ensuring system reliability. Once an agent is induced to visit a malicious website, attackers can use it as a springboard to conduct diverse subsequent...

Designing with Deception: ML- and Covert Gate-Enhanced Camouflaging to Thwart IC Reverse Engineering

Integrated circuits ICs are essential to modern electronic systems, yet they face significant risks from physical reverse engineering RE attacks that compromise intellectual property IP and overall system security. While IC camouflage techniques have emerged to mitigate these risks, existing...

Perplexity AI ignores no-crawling rules on websites, crawls them anyway

Imagine putting up a no-trespassing sign for people walking their dogs, and then finding out that one person dresses up their Great Dane as a calf and walks it on your grounds. Well that's sort of what AI answer engine Perplexity has been doing, by evading the no-crawl directives of websites,...

BitBypass: a New Direction in Jailbreaking Aligned Large Language Models with Bitstream Camouflage

The inherent risk of generating harmful and unsafe content by Large Language Models LLMs, has highlighted the need for their safety alignment. Various techniques like supervised fine-tuning, reinforcement learning from human feedback, and red-teaming were developed for ensuring the safety alignme...

CVE-2013-0148

The Data Camouflage aka FairCom Standard Encryption algorithm in FairCom c-treeACE does not ensure that a decryption key is needed for accessing database contents, which allows context-dependent attackers to read cleartext database records by copying a database to another system that has a certai...

Friday Squid Blogging: A New Explanation of Squid Camouflage

New research: An associate professor of chemistry and chemical biology at Northeastern University, Deravi’s recently published paper in the Journal of Materials Chemistry C sheds new light on how squid use organs that essentially function as organic solar cells to help power their camouflage...

Experts Uncover Year-Long Cyber Attack on IT Firm Utilizing Custom Malware RDStealer

A highly targeted cyber attack against an East Asian IT company involved the deployment of a custom malware written in Golang called RDStealer. "The operation was active for more than a year with the end goal of compromising credentials and data exfiltration," Bitdefender security researcher Vict...

Friday Squid Blogging: More Squid Camouflage Research

Heres a research group trying to replicate squid cell transparency in mammalian cells. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

Friday Squid Blogging: Squid Filmed Changing Color for Camouflage Purposes

Video of oval squid Sepioteuthis lessoniana changing color in reaction to their background. The research paper claims this is the first time this has been documented. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog...

camouflage.ca Cross Site Scripting vulnerability OBB-2343282

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

New Golang-based Linux Malware Targeting eCommerce Websites

Weaknesses in e-commerce portals are being exploited to deploy a Linux backdoor as well as a credit card skimmer that's capable of stealing payment information from compromised websites. "The attacker started with automated e-commerce attack probes, testing for dozens of weaknesses in common onli...

WordPress Malware Camouflaged As Code

In today’s post we discuss emerging techniques that attackers are using to hide the presence of malware. In the example we discuss below, the attacker’s goal is to make everything look routine to an analyst so that they do not dig deeper and discover the presence of malware and what it is doing. ...

Friday Squid Blogging: New Research on Squid Camouflage

From the New York Times: Now, a paper published last week in Nature Communications suggests that their chromatophores, previously thought to be mainly pockets of pigment embedded in their skin, are also equipped with tiny reflectors made of proteins. These reflectors aid the squid to produce such...

Portspoof - Enhance Your Systems Security Through A Set Of New Camouflage Techniques

The Portspoof program primary goal is to enhance your system's security through a set of new camouflage techniques. As a result of applying them your attackers' port scan result will become entirely mangled and to very significant extent meaningless. Techniques used to achieve this: All configure...