JavaScript, the ubiquitous scripting language used across Web applications worldwide, is becoming a key ingredient in phishing campaigns looking to plant malicious code on victims' computers, new ...

Cybersecurity firms CyberProof, Trend Micro, Sophos, and Kaspersky believe Maverick attacks WhatsApp web users by combining ...

LummaC2, an infostealer malware actively exploiting PowerShell commands, has resurfaced to infiltrate and exfiltrate sensitive data. Discovered by cybersecurity researchers at Ontinue, the malware’s ...

Google's Threat Intelligence Group (GTIG) has identified a major shift this year, with adversaries leveraging artificial intelligence to deploy new malware families that integrate large language ...

Ten malicious packages mimicking legitimate software projects in the npm registry download an information-stealing component ...

The typosquatted packages auto-execute on installation, fingerprint victims by IP, and deploy a PyInstaller binary to harvest ...

Google on Wednesday said it discovered an unknown threat actor using an experimental Visual Basic Script (VB Script) malware ...

[Excerpted from "Malware War: How Malicious Code Authors Battle to Evade Detection," a new, downloadable report available this week on Dark Reading's Advanced Threats Tech Center.] Reverse engineering ...

Google has banned obfuscated code for Chrome Web Store extensions to reduce policy violations in a move likely to affect cryptojackers. Google’s new restrictions on Chrome Web Store extensions ...