javascript
-
Ongoing Xurum Attacks on E-commerce Sites Exploiting Critical Magento 2 Vulnerability
E-commerce sites using Adobe’s Magento 2 software are the target of an ongoing campaign that has been active since at…
Read More » -
Malicious npm Packages Found Exfiltrating Sensitive Data from Developers
Cybersecurity researchers have discovered a new bunch of malicious packages on the npm package registry that are designed to exfiltrate…
Read More » -
New Version of Rilide Data Theft Malware Adapts to Chrome Extension Manifest V3
Cybersecurity researchers have discovered a new version of malware called Rilide that targets Chromium-based web browsers to steal sensitive data…
Read More » -
Cybercriminals Renting WikiLoader to Target Italian Organizations with Banking Trojan
Organizations in Italy are the target of a new phishing campaign that leverages a new strain of malware called WikiLoader…
Read More » -
A Data Exfiltration Attack Scenario: The Porsche Experience
As part of Checkmarx’s mission to help organizations develop and deploy secure software, the Security Research team started looking at…
Read More » -
Hackers Abusing Windows Search Feature to Install Remote Access Trojans
A legitimate Windows search feature is being exploited by unknown malicious actors to download arbitrary payloads from remote servers and…
Read More » -
Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware
The npm registry for the Node.js JavaScript runtime environment is susceptible to what’s called a manifest confusion attack that could…
Read More » -
Powerful JavaScript Dropper PindOS Distributes Bumblebee and IcedID Malware
A new strain of JavaScript dropper has been observed delivering next-stage payloads like Bumblebee and IcedID. Cybersecurity firm Deep Instinct…
Read More »