Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

Websites have a new way to spy on visitors: Analyzing their SSD activity

Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique ...
Decrypt

Shai-Hulud: What to Know About the Malware Spreading Through Software Pipelines

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.
Investopedia

De-Dollarization: What Is It, and Is It Happening?

Michael Bromberg is a finance editor with a decade of experience. He is an expert at elucidating complex financial topics in clear, concise language. Michael received a Bachelor of Arts in literature ...
IEEE

Invertible Image Obfuscation for Facial Privacy Protection via Secure Flow

Abstract: This paper presents a fresh paradigm for protecting facial privacy via an invertible image obfuscation framework that incorporates multiple characteristics including anonymity, diversity, ...
IEEE

DistShield: Distribution Preserving Model Obfuscation for Real-Time TEE-Shielded Secure Inference on IoT devices

Abstract: While on-device inference avoids network latency and private data uploading in IoT, the risk of model thefts has raised serious concern. As a solution, state-of-the-art approach obfuscates ...