Security News

Horns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript Payloads
2024-12-03 05:23

A newly discovered malware campaign has been found to target private users, retailers, and service businesses mainly located in Russia to deliver NetSupport RAT and BurnsRAT. The campaign, dubbed...

Polyfill.io JavaScript supply chain attack impacts over 100K sites
2024-06-25 18:10

Over 100,000 sites have been impacted in a supply chain attack by the Polyfill.io service after a Chinese company acquired the domain and the script was modified to redirect users to malicious and scam sites. The polyfill.io service is used by hundreds of thousands of sites to allow all visitors to use the same codebase, even if their browsers do not support the same modern features as newer ones.

The End of an Era: Microsoft Phases Out VBScript for JavaScript and PowerShell
2024-05-23 05:33

Microsoft on Wednesday outlined its plans to deprecate Visual Basic Script (VBScript) in the second half of 2024 in favor of more advanced alternatives such as JavaScript and PowerShell....

OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt
2024-04-16 15:16

Security researchers have uncovered a "credible" takeover attempt targeting the OpenJS Foundation in a manner that evokes similarities to the recently uncovered incident aimed at the open-source...

New JavaScript Malware Targeted 50,000+ Users at Dozens of Banks Worldwide
2023-12-21 12:38

A new piece of JavaScript malware has been observed attempting to steal users' online banking account credentials as part of a campaign that has targeted more than 40 financial institutions across...

Something nasty injected login-stealing JavaScript into 50K online banking sessions
2023-12-20 23:45

IBM Security has dissected some JavaScript code that was injected into people's online banking pages to steal their login credentials, saying 50,000 user sessions with more than 40 banks worldwide were compromised by the malicious software in 2023. This injected code executes on the page in the browser, and intercepts the victim's credentials as they are entered, which can be passed to fraudsters to exploit to drain accounts.

Socket moves beyond JavaScript and Python and gets into Go
2023-08-02 01:58

CEO, fresh with funds, lays out the dependency dilemma Interview Open source security biz Socket is extending its source code dependency checker, which previously addressed only JavaScript and...

Warning: JavaScript registry npm vulnerable to 'manifest confusion' abuse
2023-06-27 20:40

The npm Public Registry, a database of JavaScript packages, fails to compare npm package manifest data with the archive of files that data describes, creating an opportunity for the installation and execution of malicious files. "The npm Public Registry does not validate manifest information with the contents of the package tarball, relying instead on npm-compatible clients to interpret and enforce validation/consistency," Clarke explains.

New PindOS JavaScript dropper deploys Bumblebee, IcedID malware
2023-06-26 16:39

Security researchers discovered a new malicious tool they named PindOS that delivers the Bumblebee and IcedID malware typically associated with ransomware attacks. PindOS is a simple JavaScript malware dropper that appears to be built specifically to fetch the next-stage payloads that deliver the attackers' final payload. Simple JavaScript malware dropper.

Powerful JavaScript Dropper PindOS Distributes Bumblebee and IcedID Malware
2023-06-23 10:40

A new strain of JavaScript dropper has been observed delivering next-stage payloads like Bumblebee and IcedID. Cybersecurity firm Deep Instinct is tracking the malware as PindOS, which contains the name in its "User-Agent" string. Both Bumblebee and IcedID serve as loaders, acting as a vector for other malware on compromised hosts, including ransomware.