Bleeping Computer

TrickBot malware uses obfuscated Windows batch script to evade detection

With the 100th release of TrickBot, the malware came equipped with new and advanced evasive capabilities. One such capability is its use of an obfuscated batch script launcher to jumpstart malicious ...
Dark Reading

JavaScript Obfuscation Moves to Phishing Emails

JavaScript, the ubiquitous scripting language used across Web applications worldwide, is becoming a key ingredient in phishing campaigns looking to plant malicious code on victims' computers, new ...
Infosecurity-magazine.com

Obfuscated Javascript malware making a comeback

Obfuscated (hidden) Javascript attacks were popular among criminal hackers a couple of years ago, and were widely reported by several vendors, who developed heuristic scanning solutions to counter the ...
ZDNet

Hackers are disguising their malicious JavaScript code with a hard-to-beat trick

Over 25% of malicious JavaScript code is obfuscated by so-called 'packers', a software packaging method that has given attackers a way of evading signature-based detection, according to security and ...
Dark Reading

JavaScript Packing Found in More Than 25% of Malicious Sites

JavaScript obfuscation continues to be a favored method among cyberattackers for sneaking past defenses to deliver a broad range of payloads. However, even a good method for flagging the presence of ...
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

LummaStealer infections surge after CastleLoader malware campaigns

A surge in LummaStealer infections has been observed, driven by social engineering campaigns leveraging the ClickFix technique to deliver the CastleLoader malware.