Bleeping Computer

Stealthy new JavaScript malware infects Windows PCs with RATs

A new stealthy JavaScript loader named RATDispenser is being used to infect devices with a variety of remote access trojans (RATs) in phishing attacks. The novel loader was quick to establish ...
TechJuice

GlassWorm Escapes JavaScript Sandbox to Silently Spread Across Developer Tools

GlassWorm malware uses a Zig-based dropper to infect developer tools, stealing data and spreading across IDEs.
Digital Trends

New JavaScript attack infects your phone and changes your router's DNS settings

Security firm Trend Micro has discovered an attack on home routers that involves malicious JavaScript, a mobile website, and a mobile device such as a smartphone. This attack has been taking place ...
Bleeping Computer

New PindOS JavaScript dropper deploys Bumblebee, IcedID malware

Security researchers discovered a new malicious tool they named PindOS that delivers the Bumblebee and IcedID malware typically associated with ransomware attacks. PindOS is a simple JavaScript ...
Infosecurity-magazine.com

Malicious JavaScript Loader is a Multi-RAT Dispenser

Researchers are warning of a new JavaScript loader being used to distribute eight Remote Access Trojans (RATs) in information-stealing campaigns. A team at HP Wolf named the tool “RATDispenser,” and ...
Dark Reading

JavaScript Malware Strikes Firewalls

2:00 PM -- In the beginning, there was application security. All ports were open to the world and practically every application had holes in it. It was like the Wild West. Eventually application ...
SiliconANGLE

Deep Instinct uncovers new JavaScript-based malware dropper

Threat protection startup Deep Instinct Ltd.’s Threat Research Lab today provided details of a new strain of JavaScript-based dropper that delivers two forms of malware onto victims’ computers. Dubbed ...
CoinTelegraph

Crypto users urged to take extreme care as NPM attack hits core JavaScript libraries

The breach hit core JavaScript libraries such as chalk and strip-ansi, downloaded billions of times each week, raising alarms over the security of open-source software. Hackers have compromised widely ...
Digital Trends

Hackers wiped out this popular tax prep software as filing deadline looms

The IRS-authorized tax preparation software service eFile.com recently suffered a JavaScript malware attack in the middle of tax season, according to BleepingComputer. The nefarious JavaScript file ...
Dark Reading

A Twist On The Cyber Kill Chain: Defending Against A JavaScript Malware Attack

Understanding how malware attacks work is vital to defend against them. To ease this process, threat analysts have developed models that map the stages of cybersecurity attacks, allowing defenders to ...
Windows Report

Axios Hack Bypasses GitHub Protections and Installs Hidden Malware on Systems

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through malicious npm releases. Security researchers from StepSecurity identified ...
Hosted on MSN

Gootloader malware back for the attack, serves up ransomware

Gootloader JavaScript malware, commonly used to deliver ransomware, is back in action after a period of reduced activity.… Since October 27, security shop Huntress says it has spotted three Gootloader ...