Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter From Drone Strike to File Recovery: Outsmarting a Nation State New Ransomware Charon Uses Earth Baxia APT Techniques to Target Enterprises Unmasking Interlock Group’s Evolving Malware Arsenal Persistent Risk: XZ Utils Backdoor Still Lurking […]
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Man-in-the-Prompt: The invisible attack threatening ChatGPT and other AI systems EncryptHub abuses Brave Support in new […]
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Man-in-the-Prompt: The invisible attack threatening ChatGPT and other AI systems EncryptHub abuses Brave Support in new […]
CloudSEK uncovered a Pakistan-based family cybercrime network that spread infostealers via pirated software, netting $4.67M and millions of…
EncryptHub actor exploits Windows flaw CVE-2025-26633 (“MSC EvilTwin”) with rogue MSC files and social engineering to drop malware. The threat actor EncryptHub exploits the now-patched Windows flaw CVE-2025-26633 (“MSC EvilTwin”) using rogue MSC files and social engineering to deliver malware, warns Trustwave SpiderLabs. The flaw is an improper neutralization issue in Microsoft Management Console that […]
A new malware campaign has affected users globally, stealing sensitive data. Identified as PXA stealer,…
PXA Python Malware Targets Thousands Of Victims Globally on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing …
Microsoft recently announced the launch of Project Ire – a dedicated AI agent for malware…
Project Ire – Microsoft Launches AI Agent For Automated Malware Classification on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration …
APT group UAT-7237, linked to UAT-5918, targets web infrastructure in Taiwan using customized open-source tools to maintain long-term access. A Chinese-speaking advanced persistent threat (APT) group, tracked as UAT-7237, has been observed targeting web infrastructure entities in Taiwan using customized versions of open-sourced tools with an aim to establish long-term access within high-value victim environments. […]
PhantomCard, an NFC-driven Android Trojan in Brazil, relays card data to fraudsters, spread via fake Google Play “card protection” apps. ThreatFabric warns of PhantomCard, a new Android NFC-driven trojan targeting Brazilian banking customers and possibly expanding globally. The malicious code is based on Chinese NFC relay Malware-as-a-Service, it relays victims’ card data to fraudsters for cash-out. The […]
Porn sites are hiding code in .svg files:
Unpacking the attack took work because much of the JavaScript in the .svg images was heavily obscured using a custom version of “JSFuck,” a technique that uses only a handful of character types to encode JavaScript into a camouflaged wall of text.
Once decoded, the script causes the browser to download a chain of additional obfuscated JavaScript. The final payload, a known malicious script called Trojan.JS.Likejack, induces the browser to like a specified Facebook post as long as a user has their account open…