javascript

August 20, 2025

Lenovo AI Chatbot Flaw Allows Remote Script Execution on Corporate Systems

Cybersecurity researchers have uncovered critical vulnerabilities in Lenovo’s AI-powered customer support chatbot that could allow attackers to execute malicious scripts…
Read More »
August 8, 2025

DarkCloud Stealer Targets Windows Systems to Harvest Login Credentials and Financial Data

A new variant of the DarkCloud information-stealer malware has been observed targeting Microsoft Windows systems, primarily affecting Windows users by…
Read More »
August 4, 2025

Vulnerabilities in Government-Linked Partner Software Allow Remote Code Attacks

Multiple serious security vulnerabilities have been discovered in Partner Software and Partner Web applications widely used by government agencies and…
Read More »
July 21, 2025

AI-Powered Cloaking Tools Help Threat Actors Hide Malicious Domains from Security Scans

Threat actors are increasingly adopting AI-powered cloaking services to obfuscate phishing domains, counterfeit e-commerce sites, and malware distribution endpoints from…
Read More »
July 20, 2025

New Surge of Crypto-Jacking Hits Over 3,500 Websites

Cybersecurity experts at cside have discovered a clever campaign that infected over 3,500 websites with nefarious JavaScript miners, marking a…
Read More »
July 19, 2025

Chinese Threat Actors Operate 2,800 Malicious Domains to Distribute Windows Malware

A sophisticated threat actor, dubbed “SilverFox,” has been orchestrating a large-scale malware distribution campaign since at least June 2023, primarily…
Read More »
July 17, 2025

How Threat Actors Embed Malicious JavaScript in Vector Files

Cybersecurity researchers have identified an emerging attack campaign where threat actors are weaponizing Scalable Vector Graphics (SVG) files to deliver…
Read More »
July 9, 2025

Supply Chain Attack Unleashed via Compromised VS Code Extension

A sophisticated supply chain attack targeting cryptocurrency developers through the compromise of ETHcode, a legitimate Visual Studio Code extension with…
Read More »
July 9, 2025

Splunk SOAR Addresses Vulnerabilities in Third-Party Packages – Update Now

Splunk has published a critical security advisory revealing that its Security Orchestration, Automation and Response (SOAR) platform was shipping vulnerable…
Read More »
June 19, 2025

jQuery Migrate Library Compromised to Steal Logins via Parrot Traffic Direction System

Security researchers from the Trellix Advanced Research Centre have uncovered a sophisticated malware campaign exploiting the widely trusted jQuery Migrate…
Read More »
June 16, 2025

Katz Stealer Boosts Credential Theft with System Fingerprinting and Persistence Mechanisms

The emergence of Katz Stealer, a sophisticated information-stealing malware-as-a-service (MaaS) that is redefining the boundaries of credential theft. First detected…
Read More »
June 10, 2025

Google Vulnerability Allowed Hackers to Access User Phone Numbers

A security researcher has disclosed a critical vulnerability in Google’s account recovery system that allowed attackers to brute-force and obtain…
Read More »
June 3, 2025

New Safari XSS Vulnerability Exploits JavaScript Error Handling to Run Arbitrary Code

Cross-site scripting (XSS) remains one of the most persistent threats in web security, but most discussions focus on traditional vectors.…
Read More »
May 30, 2025

PureHVNC RAT Uses Fake Job Offers and PowerShell to Evade Security Defenses

A new and highly evasive malware campaign delivering the PureHVNC Remote Access Trojan (RAT) has been identified by Netskope Threat…
Read More »
May 27, 2025

Mozilla Quickly Fixes Firefox Vulnerabilities from Pwn2Own 2025 with Urgent Patches

At this year’s Pwn2Own Berlin, security researchers successfully demonstrated two new zero-day exploits against Mozilla Firefox, targeting the browser’s content…
Read More »
May 25, 2025

Venice.ai’s Unrestricted Access Sparks Concerns Over AI-Driven Cyber Threats

Venice.ai has rapidly emerged as a disruptive force in the AI landscape, positioning itself as an “uncensored” and “private” alternative…
Read More »
May 22, 2025

CefSharp Enumeration Tool Identifies Critical Security Issues in .NET Desktop Applications

Cybersecurity researchers and red teamers, a newly released tool named CefEnum is shedding light on critical security flaws in .NET-based…
Read More »
May 21, 2025

Hackers Target Mobile Users Using PWA JavaScript to Bypass Browser Security

A sophisticated new injection campaign has been uncovered, targeting mobile users through malicious third-party JavaScript to deliver a Chinese adult-content…
Read More »
May 19, 2025

Hackers Exploit AutoIT Scripts to Deploy Malware Targeting Windows Systems

Cybersecurity researchers have unearthed a sophisticated attack leveraging AutoIT, a long-standing scripting language known for its deep integration with Windows…
Read More »
May 13, 2025

Lumma Stealer Upgraded with PowerShell Tools and Advanced Evasion Techniques

Sophos Managed Detection and Response (MDR) in September 2024, the notorious Lumma Stealer malware has evolved with sophisticated PowerShell tools…
Read More »

Previous page Next page