javascript
-
Latrodectus Malware Loader Emerges as IcedID’s Successor in Phishing Campaigns
Cybersecurity researchers have observed a spike in email phishing campaigns starting early March 2024 that delivers Latrodectus, a nascent malware…
Read More » -
Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability
Google has rolled out fixes to address a set of nine security issues in its Chrome browser, including a new…
Read More » -
New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation
Google on Monday shipped emergency fixes to address a new zero-day flaw in the Chrome web browser that has come…
Read More » -
OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt
Security researchers have uncovered a “credible” takeover attempt targeting the OpenJS Foundation in a manner that evokes similarities to the…
Read More » -
New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA
Financial organizations in the Asia-Pacific (APAC) and Middle East and North Africa (MENA) are being targeted by a new version…
Read More » -
Massive Sign1 Campaign Infects 39,000+ WordPress Sites with Scam Redirects
A massive malware campaign dubbed Sign1 has compromised over 39,000 WordPress sites in the last six months, using malicious JavaScript…
Read More » -
GitHub Launches AI-Powered Autofix Tool to Assist Devs in Patching Security Flaws
GitHub on Wednesday announced that it’s making available a feature called code scanning autofix in public beta for all Advanced…
Read More » -
Malware Campaign Exploits Popup Builder WordPress Plugin to Infect 3,900+ Sites
A new malware campaign is leveraging a high-severity security flaw in the Popup Builder plugin for WordPress to inject malicious…
Read More » -
Hacked WordPress Sites Abusing Visitors’ Browsers for Distributed Brute-Force Attacks
Threat actors are conducting brute-force attacks against WordPress sites by leveraging malicious JavaScript injections, new findings from Sucuri reveal. The…
Read More » -
VexTrio: The Uber of Cybercrime – Brokering Malware for 60+ Affiliates
The threat actors behind ClearFake, SocGholish, and dozens of other actors have established partnerships with another entity known as VexTrio…
Read More »