A fresh wave of phishing emails is exploiting a blind spot in enterprise email security tools — one that most organizations have not closed — by disguising executable JavaScript inside SVG image files ...
Prior work — please read and cite these first. The original attribution of this campaign belongs to the research teams below. This repo is a cross-validation and methodology contribution, not original ...
CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR and Base64, more complex encryption ...
A new campaign dubbed 'GhostPoster' is hiding JavaScript code in the image logo of malicious Firefox extensions with more than 50,000 downloads, to monitor browser activity and plant a backdoor. The ...
Cybersecurity researchers are calling attention to a new campaign dubbed JS#SMUGGLER that has been observed leveraging compromised websites as a distribution vector for a remote access trojan named ...
Ontinue warns of a newly observed phishing campaign leveraging Scalable Vector Graphics (SVG) files in redirect attacks that evade traditional detection. While considered harmless image formats, SVG ...
The North Korean threat actor known as the Lazarus Group has been linked to a previously undocumented JavaScript implant named Marstech1 as part of limited targeted attacks against developers. The ...
A bitwise operator is a character that represents an action taken on data at the bit level, as opposed to bytes or larger units of data. More simply put, it is an operator that enables the ...
The domain and IP addresses involved do not appear in any previously documented incidents, and the malware does not share any code similarities with previously known malicious software. Since this ...