description: The following analytic detects the execution of PowerShell scripts containing Base64 encoded content, specifically identifying the use of `FromBase64String`. It leverages PowerShell ...

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

Base64 URL encoding is used instead of standard Base64 because it doesn't include characters like +, /, or =, making it safe to use directly in URLs and HTTP headers without requiring further encoding ...

A sneaky IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones ...

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other ...

SVG phishing email attacks are bypassing enterprise email security gateways by hiding JavaScript inside image files and ...

A variant of the PureLogs infostealer malware has been distributed through purchase-order-themed phishing emails that use a malicious JavaScript file to launch a multi-stage infection chain on Windows ...

Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks. What makes the vulnerability severe is ...

The four C&C channels used by GlassWorm, the botnet targeting open source software developers, have been disrupted.

A new malware campaign has compromised nearly 2,000 WordPress websites by using Steam Community profile comments to hide ...