Malicious Package

Overview @doctolib-apps/native-personalized-services is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that...

MAL-2026-4186 Malicious code in @doctolib-apps/native-personalized-services (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ac2da4b8de2ea081f8fe7b84ef6182ab363616dc0515aaa03368bcba4a4b8e76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Profiling User Vulnerability to Phishing through Psychological and Behavioral Factors

Phishing remains one of the most pervasive cybersecurity threats, shifting the focus from technological vulnerabilities to human cognitive and psychological factors. In coherence with the trend of studies on phishing to increasingly focus on human aspects and vulnerable users profiling, this stud...

Personal AI Infrastructure 5.0.0

PAI is a Personalized AI Platform designed to magnify your capabilities. It's designed for humans most of all, but can be used by teams, companies, or Federations of Planets desiring to be better versions of themselves. The goal of the project is to get people working with AI and lower the bar...

Context-Aware Spear Phishing: Generative AI-Enabled Attacks against Individuals Via Public Social Media Data

We demonstrate how publicly available social-media data and generative AI GenAI can be misused to automate and scale highly personalized, context-aware spear-phishing campaigns. With minimal attacker effort, a small amount of public activity per target is sufficient for GenAI models to extract...

More PayPal emails hijacked to deliver tech support scams

Scammers have found another way to get deceptive messages delivered through PayPal’s legitimate services. In December 2025, we reported that PayPal closed a loophole that let scammers send real emails with fake purchase notices. In those cases, scammers created a PayPal subscription and then paus...

Fake YouTube copyright notices can steal your Google login

A convincing phishing campaign is going after YouTube creators, and if it works, attackers don't just steal your Google login. They can take over your entire Google account, including Gmail, your files, and payments, then hijack your YouTube channel and use your audience to run scams. The lure is...

Credit Resources Vault: Why this credit email set off our scam alarms

If there is anything that annoys me more than a scammer, it's companies that behave like one, while staying just on the right side of the law. They manage to linger and disappoint customers for years. It's also why sometimes people think that Malwarebytes Scam Guard can be overly cautious when...

Towards Personalizing Secure Programming Education with LLM-Injected Vulnerabilities

According to constructivist theory, students learn software security more effectively when examples are grounded in their own code. Generic examples often fail to connect with students' prior work, limiting engagement and understanding. Advances in LLMs are now making it possible to automatically...

Personal AI Infrastructure 4.0.3

PAI is a Personalized AI Platform designed to magnify your capabilities. It's designed for humans most of all, but can be used by teams, companies, or Federations of Planets desiring to be better versions of themselves. The goal of the project is to get people working with AI and lower the bar...

Are we ready for ChatGPT Health?

How comfortable are you with sharing your medical history with an AI? I’m certainly not. OpenAI’s announcement about its new ChatGPT Health program prompted discussions about data privacy and how the company plans to keep the information users submit safe. ChatGPT Health is a dedicated “health...

CurricuLLM: Designing Personalized and Workforce-Aligned Cybersecurity Curricula Using Fine-Tuned LLMs

The cybersecurity landscape is constantly evolving, driven by increased digitalization and new cybersecurity threats. Cybersecurity programs often fail to equip graduates with skills demanded by the workforce, particularly concerning recent developments in cybersecurity, as curriculum design is...

Operation ForumTroll continues: Russian political scientists targeted using plagiarism reports

Introduction In March 2025, we discovered Operation ForumTroll, a series of sophisticated cyberattacks exploiting the CVE-2025-2783 vulnerability in Google Chrome. We previously detailed the malicious implants used in the operation: the LeetAgent backdoor and the complex spyware Dante, developed ...

Mem3nt0 mori – The Hacking Team is back!

In March 2025, Kaspersky detected a wave of infections that occurred when users clicked on personalized phishing links sent via email. No further action was required to initiate the infection; simply visiting the malicious website using Google Chrome or another Chromium-based web browser was...

EUVD-2023-48484

Malicious code in bioql PyPI...

An Efficient Recommendation Filtering-Based Trust Model for Securing Internet of Things

Trust computation is crucial for ensuring the security of the Internet of Things IoT. However, current trust-based mechanisms for IoT have limitations that impact data security. Sliding window-based trust schemes cannot ensure reliable trust computation due to their inability to select appropriat...

Towards Privacy-Preserving and Personalized Smart Homes Via Tailored Small Language Models

Large Language Models LLMs have showcased remarkable generalizability in language comprehension and hold significant potential to revolutionize human-computer interaction in smart homes. Existing LLM-based smart home assistants typically transmit user commands, along with user profiles and home...

Client Clustering Meets Knowledge Sharing: Enhancing Privacy and Robustness in Personalized Peer-To-Peer Learning

The growing adoption of Artificial Intelligence AI in Internet of Things IoT ecosystems has intensified the need for personalized learning methods that can operate efficiently and privately across heterogeneous, resource-constrained devices. However, enabling effective personalized learning in...

Personalized Constitutionally-Aligned Agentic Superego: Secure AI Behavior Aligned to Diverse Human Values

Agentic AI systems, possessing capabilities for autonomous planning and action, exhibit immense potential across diverse domains. However, their practical deployment is significantly hampered by challenges in aligning their behavior with varied human values, complex safety requirements, and...

Sylva: Tailoring Personalized Adversarial Defense in Pre-Trained Models Via Collaborative Fine-Tuning

Whitepaper called Sylva: Tailoring Personalized Adversarial Defense In Pre-Trained Models Via Collaborative Fine-Tuning...