Threat Post

PowerShell Obfuscation Ups the Ante on Antivirus

The development fits a trend that sees threat actors turning to well-known, commodity malware, overcoming its easy detection with ever-better obfuscation methods. A new malware sample using a rare ...
Dark Reading

JavaScript Obfuscation Moves to Phishing Emails

JavaScript, the ubiquitous scripting language used across Web applications worldwide, is becoming a key ingredient in phishing campaigns looking to plant malicious code on victims' computers, new ...
CSO Online

New ClickFix variant bypasses Apple safeguards with one‑click script execution

Jamf finds a ClickFix variant that swaps copy-paste Terminal lures for Script Editor execution, tightening delivery of Atomic ...
Threat Post

Norman Cryptominer Employs Sophisticated Obfuscation Tactics

A new XMRig Monero cryptominer stands apart, despite its non-flashy name. A never-before-seen cryptomining variant, dubbed “Norman” after one of its executable files, has been spotted in the wild ...
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...