MOLOT: New Static Analysis System for Detecting Malicious Code in Open-Source Packages
Researchers have developed MOLOT, a machine learning system that detects malicious code in Python and JavaScript packages by analyzing source code without requiring runtime execution or package metadata. The system uses behavior sequences derived from static call graphs and provides explanations by mapping suspicious activities back to source code locations. This approach addresses a critical security gap in software supply chains where malicious packages can evade detection in development environments.
MOLOT (Malicious Operational Logic Observation Transformer) is a static analysis security testing (SAST) system designed to identify malicious code in open-source packages when dynamic execution traces, package metadata, and maintainer history are unavailable or unreliable. The system represents source code as behavior sequences derived from static call graphs and includes an explanation stage that ranks suspicious activities and maps them back to specific source-code locations. Evaluated on packages from PyPI and npm, MOLOT was compared against existing open-source detection tools and validated under real-world constraints including runtime, memory usage, and false-positive rates observed in actual moderation workflows. The researchers also released Open Malicious-Code Bench, a public benchmark for reproducible evaluation of malicious-package detection methods. Results demonstrate that static behavior-sequence modeling can provide accurate, explainable, and deployable malicious-code detection suitable for modern DevSecOps workflows.
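To make the described pipeline concrete, here is an added toy example written for this summary (it is not MOLOT's code and is not taken from the paper): it walks a Python module's static call graph starting from module level, emits the sensitive API calls it reaches as a behavior sequence in evaluation order, and then ranks each step and maps it back to its source line, mirroring the explanation stage. The API vocabulary, the bigram weights and the sample package are constructed assumptions.

```python
import ast

# Illustrative API vocabulary and bigram weights: assumptions for this example, not MOLOT's own.
SENSITIVE = {"base64.b64decode", "subprocess.Popen", "os.system", "exec", "eval"}
RISKY_BIGRAMS = {("base64.b64decode", "exec"): 3, ("base64.b64decode", "subprocess.Popen"): 3}

def _dotted(node):  # 'subprocess.Popen' or 'exec' for a call target, None if not a plain name
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    return ".".join(reversed(parts + [node.id])) if isinstance(node, ast.Name) else None

class _Walker(ast.NodeVisitor):  # depth-first call-graph walk, sensitive calls in evaluation order
    def __init__(self, funcs):
        self.funcs, self.seq, self.seen = funcs, [], set()
    def visit_FunctionDef(self, node):
        pass  # a function body is entered only through a call edge, never by definition order
    def visit_Call(self, node):
        for child in node.args + [kw.value for kw in node.keywords]:
            self.visit(child)  # arguments are evaluated before the call itself
        callee = _dotted(node.func)
        if callee in SENSITIVE:
            self.seq.append((callee, node.lineno))
        elif callee in self.funcs and callee not in self.seen:
            self.seen.add(callee)  # guards against recursion and repeated expansion
            for stmt in self.funcs[callee].body:
                self.visit(stmt)

def behavior_sequence(source):
    """[(api, line), ...] reachable from module level, i.e. what runs on import or install."""
    tree = ast.parse(source)
    funcs = {n.name: n for n in tree.body if isinstance(n, ast.FunctionDef)}
    walker = _Walker(funcs)
    for stmt in tree.body:
        walker.visit(stmt)
    return walker.seq

def explain(source):
    """Explanation stage: weight each step by its bigram context, rank, keep the line mapping."""
    seq = behavior_sequence(source)
    ranked = [(1 + (RISKY_BIGRAMS.get((seq[i - 1][0], api), 0) if i else 0), api, line)
              for i, (api, line) in enumerate(seq)]
    return sum(r[0] for r in ranked), sorted(ranked, key=lambda r: (-r[0], r[2]))

# Constructed sample package code: a decoded string handed to a shell (it decodes to "echo hello").
SAMPLE = '''import base64, subprocess
def fetch(): return base64.b64decode("ZWNobyBoZWxsbw==")
def install(): subprocess.Popen(fetch(), shell=True)
install()
'''
```

Code defined in a function that nothing at module level ever calls does not enter the sequence, which is exactly the reachability question a static call graph answers; a real system would add more entry points (console scripts, setup hooks) than this toy does.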
What different sources said
- arXiv cs.LG: "MOLOT System Card: Malicious Operational Logic Observation Transformer"