AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
CSO Online

North Korean fake IT worker tradecraft exposed

GitLab exposes abuse of its platform to trick software developers into downloading malicious payloads and finance companies ...

ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be the first documented case of attackers abusing the Deno JavaScript runtime ...
GitHub

Modern Python Code Obfuscator

A Python code obfuscator built with AST-based transformations. Supports Python 3.8 through 3.14 (including the latest stable release). Provides reliable name mangling, string encoding, and code ...
The Hacker News

Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History

Cybersecurity researchers have discovered a malicious Google Chrome extension that's designed to steal data associated with Meta Business Suite and Facebook Business ...
IEEE

Cortex: A Heterogeneous Graph Transformer Framework for Detecting Obfuscated Webshells

Abstract: Static webshell detection is increasingly challenged by sophisticated code obfuscation techniques that degrade the performance of existing models. To address this, we propose Cortex, a novel ...
The Hacker News

DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files

Threat hunters have disclosed details of a new, stealthy malware campaign dubbed DEAD#VAX that employs a mix of "disciplined tradecraft and clever abuse of legitimate system features" to bypass ...