New "Storm" infostealer skips local decryption, sending browser data to attacker servers. Varonis shows how server-side decryption enables session hijacking, bypassing passwords and MFA.

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

Aethyr Research has released post-quantum encrypted IoT edge node firmware for ESP32-S3 targets that boots in 2.1 seconds and ...

Abstract: CT images provide medical practitioners with a scientific and intuitive rationale for the diagnosis of clinical diseases. The Internet of Medical Things (IoMT) and telemedicine facilitate ...

Abstract: This paper gives a comprehensive review of quantum cryptographic advances in the context of the most critical vulnerabilities that classical encryption schemes have in the era of quantum ...

A sophisticated, cross-platform keylogger written in Python with advanced features including AES-256 encryption, silent background operation, automatic startup/restart capabilities, and daily log ...

BAR (Burn After Reading) is my project to showcase skills in security, cryptography, and logic design. It’s an offline desktop app for sensitive file management with encryption and self-destruction ...