Bleeping Computer

Stealthy new JavaScript malware infects Windows PCs with RATs

A new stealthy JavaScript loader named RATDispenser is being used to infect devices with a variety of remote access trojans (RATs) in phishing attacks. The novel loader was quick to establish ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
Digital Trends

New JavaScript attack infects your phone and changes your router's DNS settings

Security firm Trend Micro has discovered an attack on home routers that involves malicious JavaScript, a mobile website, and a mobile device such as a smartphone. This attack has been taking place ...
Bleeping Computer

IRS-authorized eFile.com tax return software caught serving JS malware

eFile.com, an IRS-authorized e-file software service provider used by many for filing their tax returns, has been caught serving JavaScript malware. Security researchers state the malicious JavaScript ...
SiliconANGLE

Deep Instinct uncovers new JavaScript-based malware dropper

Threat protection startup Deep Instinct Ltd.’s Threat Research Lab today provided details of a new strain of JavaScript-based dropper that delivers two forms of malware onto victims’ computers. Dubbed ...
Digital Trends

Hackers wiped out this popular tax prep software as filing deadline looms

The IRS-authorized tax preparation software service eFile.com recently suffered a JavaScript malware attack in the middle of tax season, according to BleepingComputer. The nefarious JavaScript file ...
Dark Reading

JavaScript Malware Strikes Firewalls

2:00 PM -- In the beginning, there was application security. All ports were open to the world and practically every application had holes in it. It was like the Wild West. Eventually application ...
Dark Reading

A Twist On The Cyber Kill Chain: Defending Against A JavaScript Malware Attack

Understanding how malware attacks work is vital to defend against them. To ease this process, threat analysts have developed models that map the stages of cybersecurity attacks, allowing defenders to ...
CSOonline

SEO poisoning campaign directs search engine visitors from multiple industries to ...

Researchers have discovered a high-effort search engine optimization (SEO) poisoning campaign that seems to be targeting employees from multiple industries and government sectors when they search for ...
ksn.com

ANY.RUN Analyze New Node.js Malware with Unprecedented Capabilities

Lu0Bot is more versatile and difficult to detect than most malware families because it targets a platform-agnostic runtime environment commonly used in modern web applications and employs multi-layer ...
来自MSN

Gootloader malware back for the attack, serves up ransomware

Gootloader JavaScript malware, commonly used to deliver ransomware, is back in action after a period of reduced activity.… Since October 27, security shop Huntress says it has spotted three Gootloader ...
Windows Report

Axios Hack Bypasses GitHub Protections and Installs Hidden Malware on Systems

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through ...