Microsoft disrupted StegoAd, a malicious browser extension campaign affecting up to 2.6 million users. StegoAd used hidden payloads, delayed execution and steganography to evade browser security ...

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

Island found dormant JavaScript injection paths in Adblock for YouTube, a Chrome extension with 10M+ installs, raising ...

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...

The Windows-based CryptoBandits cryptocurrency clipper blends data exfiltration and remote code execution in a backdoor.

The malware blends data theft with remote code execution, “turning a financially motivated stealer into a lightweight backdoor,” Microsoft said. Microsoft Threat Intelligence is warning Windows users ...

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal credentials and wallet data.

A variant of the PureLogs infostealer malware has been distributed through purchase-order-themed phishing emails that use a malicious JavaScript file to launch a multi-stage infection chain on Windows ...

Threat actors exploited a KnowledgeDeliver zero-day vulnerability to deploy web shells and backdoors, Google-owned Mandiant reports. A learning management system (LMS) built by Digital Knowledge, ...

TAJS is a dataflow analysis for JavaScript that infers type information and call graphs. The current version of the analysis contains a model of ECMAScript 3rd edition, including the standard library, ...