The Hacker News

New VVS Stealer Malware Targets Discord Accounts via Obfuscated Python Code

Cybersecurity researchers have disclosed details of a new Python-based information stealer called VVS Stealer (also styled as VVS $tealer) that's capable of ...
IEEE

TransAST: A Machine Translation-Based Approach for Obfuscated Malicious JavaScript Detection

Abstract: As an essential part of the website, JavaScript greatly enriches its functions. At the same time, JavaScript has become the most common attack payload on malicious websites. Although ...
financefeeds

Hackers Exploit JavaScript Library to Deploy Crypto Wallet Drainers

Hackers have exploited a flaw in the React JavaScript library to inject code that drains crypto wallets onto websites, primarily on cryptocurrency platforms. The React team released a patch on ...
financefeeds

Hacker nutzen JavaScript-Bibliothek aus, um Krypto-Wallet-Drainer einzusetzen

Hacker haben Exploited a flaw in the React JavaScript library to inject code that drains crypto wallets onto websites, primarily on kryptowährung platforms. The React team released a patch on December ...
CoinTelegraph

Hackers are exploiting a JavaScript library to plant crypto drainers

The React team published a fix on Dec. 3 and advises anyone using the react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack, to upgrade immediately. There has been a recent ...
Bleeping Computer

North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks

A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence mechanisms and leverages Ethereum smart contracts for communication with the ...
bitnewsbot

New JS#SMUGGLER Campaign Distributes NetSupport RAT Malware

Cybersecurity researchers have identified a new malware campaign called JS#SMUGGLER that spreads the remote access trojan NetSupport RAT via compromised websites. The campaign uses several steps: ...
cryptonews

Warning: New Chrome Extension Drains Solana Traders – 0.05% Stolen Per Swap

The extension secretly appends an extra instruction to each Solana swap, siphoning 0.05% or at least 0.0013 SOL from the user’s wallet into the attacker’s address. A newly discovered malicious Chrome ...
Bleeping Computer

Google exposes BadAudio malware used in APT24 espionage campaigns

China-linked APT24 hackers have been using a previously undocumented malware called BadAudio in a three-year espionage campaign that recently switched to more sophisticated attack methods. Since 2022, ...
CSOonline

North Korea’s ‘Job Test’ trap upgrades to JSON malware dropboxes

North Korea-linked Contagious Interview campaign is now luring developers with trojanized coding tasks and pulling obfuscated payloads from public JSON-storage services like JSON Keeper, JSONSilo, and ...
SiliconANGLE

Black Duck introduces AI model scanning to tackle hidden and obfuscated AI components

Application security solutions provider Black Duck Software Inc. today announced the that it has added artificial intelligence model risk scanning to its Software Composition Analysis platform. The ...
GitHub

JavaScript obfuscator

JavaScript Obfuscator is a powerful free obfuscator for JavaScript, containing a variety of features which provide protection for your source code. It is not recommended to obfuscate vendor scripts ...