The Hacker News

DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files

DEAD#VAX campaign delivers AsyncRAT via IPFS-hosted VHD phishing files, using fileless memory injection and obfuscated ...
Dark Reading

JavaScript Obfuscation Moves to Phishing Emails

JavaScript, the ubiquitous scripting language used across Web applications worldwide, is becoming a key ingredient in phishing campaigns looking to plant malicious code on victims' computers, new ...
Bleeping Computer

About 26% of all malicious JavaScript threats are obfuscated

A research that analyzed over 10,000 samples of diverse malicious software written in JavaScript concluded that roughly 26% of it is obfuscated to evade detection and analysis. Obfuscation is when ...
Dark Reading

New Tool Sheds Light on AppleScript-Obfuscated Malware

An effort to reverse-engineer malicious AppleScript has led to the creation of a tool to analyze run-only malware targeting the Mac operating system, undermining a common attacker approach to ...
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
Bleeping Computer

Tech Support Scams Using Multiple Obfuscation Methods to Bypass Detection

At one point while browsing the web you have probably run into a web site that pretends to be Microsoft or Google stating that something is wrong with your computer and telling you to call a listed ...