The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

SVG phishing email attacks are bypassing enterprise email security gateways by hiding JavaScript inside image files and ...

A sneaky IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones ...

Two phishing campaigns, each using a different stealthy infection technique, are targeting organizations in attacks which aim to deliver data stealing malware to devices running on Microsoft Windows.

ThreatDown’s EDR team discovered a sophisticated, multi-stage attack chain during an active investigation; the first documented case of attackers abusing the Deno runtime as a malware execution ...

Gootloader JavaScript malware, commonly used to deliver ransomware, is back in action after a period of reduced activity. Since October 27, security shop Huntress says it has spotted three Gootloader ...

Threat actors are shifting from conventional phishing tricks, which used malicious links and document macros, to benign-looking image files embedded with stealthy browser redirects. According to an ...

A new phishing campaign leveraging SVG files to deliver JavaScript-based redirect attacks has been uncovered by cybersecurity researchers. The attack utilizes seemingly benign image files to conceal ...

Ontinue warns of a newly observed phishing campaign leveraging Scalable Vector Graphics (SVG) files in redirect attacks that evade traditional detection. While considered harmless image formats, SVG ...

CISOs should warn HR staff not to be fooled by a new spear phishing campaign that contains job applications that include updated malware, and take steps to identify and block an improved backdoor.

Cybersecurity researchers have discovered several cryptocurrency packages on the npm registry that have been hijacked to siphon sensitive information such as environment variables from compromised ...