What the Shell? New Security Breach Uses CHM Files to Cover Banking Trojans
A new banking Trojan is using old PowerShell tricks to hide its activity from detection tools by continually launching malicious CHM files.
Mobile Stock Trading Apps Vulnerable to Attack
Over 20 mobile apps commonly used for stock trading are not very secure, according to recent security research.
Typosquatting Attack Puts Developers at Risk From Infected JavaScript Packages
Investigations by npm, a Node.js management registry, revealed that an errant attacker uploaded 38 malicious JavaScript packages on the repository.
Let’s Get Physical: Malicious Script Magecart Expands Impact With Fraudulent Mail Forwarding
Malicious script Magecart is still going strong, allowing threat actors to hire U.S. mules to ship fraudulently purchased goods.
Inside the Mind of a Hacker: Attacking Web Pages With Cross-Site Scripting
Web application developers must learn to think like cybercriminals to combat the growing threat of cross-site scripting (XSS) attacks.
Google’s JavaScript Ban Boosts SVG Image Misuse
Cybercriminals have responded to Google's impending JavaScript ban by launching phishing attacks that seek to spread via infected SVG image files instead.
Swiped! Malicious JavaScript Infection Cracks Credit Card Data
Malicious JavaScript has infected over 6,000 online stores, compromising consumer credit card data and reinforcing the need for active online security.
Proxy Connects Show Evidence of a Software Vulnerability
A security researcher recently discovered a software vulnerability that allows attackers to exploit the way applications respond to HTTP CONNECT requests.
Chrome HTML5 Update: Less Flashy, More Secure
HTML5 isn't perfect, but Flash simply can't complete. The HTML5 update will result in reduced power consumption and faster load times.
Flash or HTML5? Malvertising-Makers Will Happily Hijack Both
More ad providers are moving to HTML5 to prevent malvertising, but this shift alone isn't enough to deter cybercriminals from their exploits.