IEEE

Extending Memory-Based Obfuscated Malware Detection with Network Behavior

Abstract: Obfuscated and fileless malware families evade traditional detection systems by residing exclusively in memory and employing stealthy techniques such as process injection and encrypted ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

Microsoft Defender Experts identified a coordinated developer-targeting campaign delivered through malicious repositories disguised as legitimate Next.js projects and technical assessment materials.
CSOonline

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist malicious code. Threat actors behind the long-running Contagious Interview ...
IEEE

TransAST: A Machine Translation-Based Approach for Obfuscated Malicious JavaScript Detection

Abstract: As an essential part of the website, JavaScript greatly enriches its functions. At the same time, JavaScript has become the most common attack payload on malicious websites. Although ...
Infosecurity-magazine.com

New BeaverTail Malware Variant Linked to Lazarus Group

A newly observed variant of the BeaverTail malware has been tied to hackers associated with North Korea. The findings come from Darktrace’s latest The State of Cybersecurity report, which links ...
financefeeds

Hackers Exploit JavaScript Library to Deploy Crypto Wallet Drainers

Hackers have exploited a flaw in the React JavaScript library to inject code that drains crypto wallets onto websites, primarily on cryptocurrency platforms. The React team released a patch on ...
financefeeds

Hacker nutzen JavaScript-Bibliothek aus, um Krypto-Wallet-Drainer einzusetzen

Hacker haben Exploited a flaw in the React JavaScript library to inject code that drains crypto wallets onto websites, primarily on kryptowährung platforms. The React team released a patch on December ...
CoinTelegraph

Hackers are exploiting a JavaScript library to plant crypto drainers

The React team published a fix on Dec. 3 and advises anyone using the react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack, to upgrade immediately. There has been a recent ...
Bleeping Computer

North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks

A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence mechanisms and leverages Ethereum smart contracts for communication with the ...
The Hacker News

Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT

Cybersecurity researchers are calling attention to a new campaign dubbed JS#SMUGGLER that has been observed leveraging compromised websites as a distribution vector for a remote access trojan named ...
bitnewsbot

New JS#SMUGGLER Campaign Distributes NetSupport RAT Malware

Cybersecurity researchers have identified a new malware campaign called JS#SMUGGLER that spreads the remote access trojan NetSupport RAT via compromised websites. The campaign uses several steps: ...
Bleeping Computer

Google exposes BadAudio malware used in APT24 espionage campaigns

China-linked APT24 hackers have been using a previously undocumented malware called BadAudio in a three-year espionage campaign that recently switched to more sophisticated attack methods. Since 2022, ...