Dark Reading

OBSCURE#BAT Malware Highlights Risks of API Hooking

A malware campaign dubbed "OBSCURE#BAT" is making effective use of heavily obfuscated code and evasion techniques like API hooking to trick unsuspecting users into downloading an advanced and highly ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
Bleeping Computer

NPM package caught using QR Code to fetch cookie-stealing malware

Newly discovered npm package 'fezbox' employs QR codes to retrieve cookie-stealing malware from the threat actor's server. The package, masquerading as a utility library, leverages this innovative ...