News

North Korean XORIndex malware hidden in 67 malicious npm packages
North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new ...
CSO Online16h
How phishers are weaponizing SVG images in zero-click, evasive campaigns
Seemingly harmless SVGs are packed with malicious JavaScript for a phishing redirect to actor-controlled URLs.
iHLS Israel Homeland Security1h
Malware Disguised as VPN Software Found Abusing GitHub’s Open Platform
A new malware campaign is using GitHub to quietly distribute an infostealer tool under the pretense of free utility software, ...
The Hacker News17h
AsyncRAT's Open-Source Code Sparks Surge in Dangerous Malware Variants Across the Globe
Discover how AsyncRAT evolved from GitHub release to a widespread malware tool, spawning dangerous variants like DCRat and ...
Infosecurity Magazine15h
Threat Actors Exploit SVG Files in Stealthy JavaScript Redirects
Once opened in a browser, the code decrypts a secondary payload using a static XOR key and then redirects the user to an ...
The Hacker News18h
North Korean Hackers Flood npm Registry with XORIndex Malware in Ongoing Attack Campaign
North Korean hackers continue attacking open-source software via npm packages. 67 new malicious packages with XORIndex Loader ...
North Korean hackers release malware-ridden packages into npm registry
Uploading malicious code to npm is just a setup. The real attack most likely happens elsewhere - on LinkedIn, Telegram, or ...