Ghostwriter used Prometheus lures since spring 2026 to target Ukraine agencies, enabling malware delivery and data theft.

Researchers say the campaign uses a browser-based JavaScript VM to hide credential theft and intercept MFA at scale.

Abstract: JavaScript code obfuscation has become a major technique used by malware writers to evade static analysis techniques. Over the past years, a number of dynamic analysis techniques have been ...

Abstract: Obfuscated and fileless malware families evade traditional detection systems by residing exclusively in memory and employing stealthy techniques such as process injection and encrypted ...

Cybersecurity researchers are calling attention to a new campaign dubbed JS#SMUGGLER that has been observed leveraging compromised websites as a distribution vector for a remote access trojan named ...

Cybersecurity training company Hack The Box Ltd. announced today that it has acquired LetsDefend Inc., a provider of a blue team training platform, for an undisclosed price. Founded in 2021, ...

A global phishing campaign using personalized emails and fake websites to deliver malicious downloads has been identified by cybersecurity researchers. According to a new advisory by FortiGuard Labs, ...

Maintainer Jordan Harband writes on Bluesky that attackers had taken over the account of another project manager. Versions 3.3.1 and 5.0.0 of the package are affected. Both versions were apparently ...

This case study analyzed a stealthy host-based compromise in which the attacker exploited the trusted Windows binary mshta.exe to execute a remotely hosted, obfuscated JavaScript payload. The attacker ...

Cyble Research and Intelligence Labs (CRIL) researchers have uncovered a new variation of the Strela Stealer that represents “a notable advancement in malware delivery techniques, highlighting ...