Dark Reading

OBSCURE#BAT Malware Highlights Risks of API Hooking

A malware campaign dubbed "OBSCURE#BAT" is making effective use of heavily obfuscated code and evasion techniques like API hooking to trick unsuspecting users into downloading an advanced and highly ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
Bleeping Computer

NPM package caught using QR Code to fetch cookie-stealing malware

Newly discovered npm package 'fezbox' employs QR codes to retrieve cookie-stealing malware from the threat actor's server. The package, masquerading as a utility library, leverages this innovative ...
CSOonline

Google researchers detect first operational use of LLMs in active malware campaigns

Google’s Threat Intelligence Group reports that new malware strains use LLMs mid-execution to generate, rewrite, and obfuscate malicious code in real time. Threat actors are now actively deploying ...