Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
Risk

FX options API trading takes off at quant hedge funds

In the fast-paced world of spot foreign exchange trading, dealers send a constant stream of prices to some of the most active market participants directly. And in most cases, clients secure the best ...

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder's research team built a new secrets detection method and scanned 5 ...