The Hacker News

DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files

DEAD#VAX campaign delivers AsyncRAT via IPFS-hosted VHD phishing files, using fileless memory injection and obfuscated ...
Dark Reading

JavaScript Obfuscation Moves to Phishing Emails

JavaScript, the ubiquitous scripting language used across Web applications worldwide, is becoming a key ingredient in phishing campaigns looking to plant malicious code on victims' computers, new ...
Infosecurity-magazine.com

Obfuscated Javascript malware making a comeback

Obfuscated (hidden) Javascript attacks were popular among criminal hackers a couple of years ago, and were widely reported by several vendors, who developed heuristic scanning solutions to counter the ...
ZDNet

Hackers are disguising their malicious JavaScript code with a hard-to-beat trick

Over 25% of malicious JavaScript code is obfuscated by so-called 'packers', a software packaging method that has given attackers a way of evading signature-based detection, according to security and ...
Bleeping Computer

Tech Support Scams Using Multiple Obfuscation Methods to Bypass Detection

At one point while browsing the web you have probably run into a web site that pretends to be Microsoft or Google stating that something is wrong with your computer and telling you to call a listed ...
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.