The Hacker News

Password Reuse in Disguise: An Often-Missed Risky Workaround

When security teams discuss credential-related risk, the focus typically falls on threats such as phishing, malware, or ransomware. These attack methods continue to evolve and rightly command ...
The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions that are advertised as artificial intelligence (AI)-powered coding assistants, but also harbor ...
IEEE

Optimizing Pre-Trained Code Embeddings With Triplet Loss for Code Smell Detection

Abstract: Code embedding represents code semantics in vector form. Although code embedding-based systems have been successfully applied to various source code analysis tasks, further research is ...
IEEE

A Novel Framework for Detecting Third-Party Libraries with Mitigation of Deceptive Code Reuse

Abstract: Third-party libraries (TPLs) are indispensable in modern software development. However, their widespread reuse introduces significant security and compliance risks, including the propagation ...