Tag: JavaScript

An online retailer was hit by a JavaScript attack from a group associated with Magecart, a collective of cybercriminals that specializes in skimming credit card numbers from compromised websites.

For several months, a version of a popular JavaScript library for Node.js contained malicious code that enabled digital attackers to compromise users' bitcoin wallets.

A watering hole campaign that has been active in Southeast Asia since September has compromised at least 21 websites, including government and media domains.

Cybercriminals buried crypto-mining malware inside compromised websites in an effort to hijack victims' computing resources.

Security researchers observed CactusTorch, a fileless malware, using a .NET executable to run harmful .NET assemblies from memory.

Endpoint detection and antiphishing tools can help users filter basic spam email, but detecting malspam in PDF and Microsoft Office documents requires a more thorough investigation.

A new banking Trojan is using old PowerShell tricks to hide its activity from detection tools by continually launching malicious CHM files.

Over 20 mobile apps commonly used for stock trading are not very secure, according to recent security research.

Investigations by npm, a Node.js management registry, revealed that an errant attacker uploaded 38 malicious JavaScript packages on the repository.

Malicious script Magecart is still going strong, allowing threat actors to hire U.S. mules to ship fraudulently purchased goods.