InfoWorld

North Korea’s ‘Job Test’ trap upgrades to JSON malware dropboxes

The long-running Contagious Interview campaign is now hiding BeaverTail and InvisibleFerret payloads inside JSON storage services.
The Hacker News

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

"The threat actors have recently resorted to utilizing JSON storage services like JSON Keeper, JSONsilo, and npoint.io to ...

Hackers found a way to weaponize CAPTCHA pages, and it's incredibly effective

A year of escalating social-engineering attacks has produced one of the most efficient infection chains observed to date. Known as ClickFix, this method requires only that ...
InfoWorld

Malicious npm package sneaks into GitHub Actions builds

The typosquatted “@acitons/artifact” package targeted GitHub’s CI/CD workflows, stealing tokens and publishing malicious ...
Security Boulevard

AI Can Crack Your Fraud Prevention in Hours. Here’s How We Stop It

The economics of cybercrime have shifted dramatically. What once took skilled attackers weeks to reverse engineer can now be accomplished in hours using AI-powered analysis tools and automated systems ...
GitHub

JavaScript obfuscator

JavaScript Obfuscator is a powerful free obfuscator for JavaScript, containing a variety of features which provide protection for your source code. It is not recommended to obfuscate vendor scripts ...

Gootloader malware returns with fake NDA scam - here's what we know

The Gootloader malware scam, which was thought to have been disrupted and shut down in March 2025, has returned with both old, and new tricks, experts have warned.

Google spots malware in the wild that morphs mid-attack, thanks to AI

PROMPTFLUX: Experimental malware, a VBScript dropper with obfuscation, that abuses the Google Gemini API to dynamically rewrite its own source code. PROMPTLOCK: Another experimental strain of malware, ...