JavaScript
North Korean XORIndex malware hidden in 67 malicious npm packages
North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new malware loader called XORIndex to developer systems. The packages collectively count more than 17,000 downloads and were discovered by researchers at package security platform Socket, who assess them to be part of the continued Contagious Interview operation. Socket researchers […]
Windows 11 now uses JScript9Legacy engine for improved security
Microsoft announced that it has replaced the default scripting engine JScript with the newer and more secure JScript9Legacy on Windows 11 version 24H2 and later. The decision is driven by security concerns, as JScript9Legacy is expected to offer better protection against web threats, such as cross-site scripting (XSS), and also improved performance. “To provide a more […]
Dozens of malicious packages on NPM collect host and network data
60 packages have been discovered in the NPM index that attempt to collect sensitive host and network data and send it to a Discord webhook controlled by the threat actor. According to Socket’s Threat Research team, the packages were uploaded to the NPM repository starting May 12 from three publisher accounts. Each of the malicious packages contains […]
Phishing kits now vet victims in real-time before stealing credentials
Phishing actors are employing a new evasion tactic called ‘Precision-Validated Phishing’ that only shows fake login forms when a user enters an email address that the threat actors specifically targeted. Unlike traditional mass-targeting phishing, this new method uses real-time email validation to ensure phishing content is shown only to pre-verified, high-value targets. Although not overly […]
Phishing attack hides JavaScript using invisible Unicode trick
A new JavaScript obfuscation method utilizing invisible Unicode characters to represent binary values is being actively abused in phishing attacks targeting affiliates of an American political action committee (PAC). Juniper Threat Labs that spotted the attack reports that it took place in early January 2025 and carries signs of sophistication such as the use of: […]
Brave now lets you inject custom JavaScript to tweak websites
Brave Browser is getting a new feature called ‘custom scriptlets’ that lets advanced users inject their own JavaScript into websites, allowing deep customization and control over their browsing experience. The new feature is coming in Brave Browser version 1.75 for the desktop and is very similar to the popular TamperMonkey and GreaseMonkey browser extensions, which allow users to create […]
European Space Agency’s official store hacked to steal payment cards
European Space Agency’s official web shop was hacked as it started to load a piece of JavaScript code that generates a fake Stripe payment page at checkout. With a budget over 10 billion euros, the mission of the European Space Agency (ESA) is to extend the limits of space activities by training astronauts and building rockets and […]
Apple fixes two zero-days used in attacks on Intel-based Macs
Apple released emergency security updates to fix two zero-day vulnerabilities that were exploited in attacks on Intel-based Mac systems. “Apple is aware of a report that this issue may have been exploited,” the company said in an advisory issued on Tuesday. The two bugs were found in the macOS Sequoia JavaScriptCore (CVE-2024-44308) and WebKit (CVE-2024-44309) components of […]