Compromised ad company serves Magecart skimming code to hundreds of websites
Security researchers have flagged a new web-based supply chain attack by one of the cybercriminal groups that fall under the Magecart umbrella. The attackers managed to …
JavaScript
Magecart compromises Feedify to get to hundreds of e-commerce sites
Customer engagement service Feedify has been hit by Magecart attackers, who repeatedly modified a script that it serves to a few hundred websites to include payment card …
Zip Slip vulnerability affects thousands of projects
An arbitrary file overwrite vulnerability that can be exploited by attackers to achieve code execution on a target system affects a myriad of projects and multiple ecosystems, …
Thousands of government, orgs’ websites found serving crypto mining script
On Sunday, over 4,200 websites around the world started hijacking visitors’ browsers to mine the Monero crypto currency. The attack The problem was first noticed and …
How to make public Wi-Fi users mine cryptocurrency for you
Covertly roping unsuspecting users’ machines into mining cryptocurrency is a dream for many aspiring cryptocurrency owners, and some of them set aside ethical …
How to keep your browser and devices safe from cryptojackers
Cryptojacking makes surfing the web similar to walking through a minefield: you never know when you might land on a booby-trapped site. Stealthy cryptocurrency mining scripts …
The Wild West of drive-by cryptocurrency mining
As more and more Coinhive clones continue popping up, chances of users’ CPU power being hijacked for cryptocurrency mining are rising. According to Malwarebytes’ …
Coinhive breached due to old, reused password
Coinhive has suffered another setback: their DNS records have been surreptitiously changed by attackers, allowing them to steal cryptocurrency mined via the project’s …
Compromised analytics provider made Equifax’s site point to malware
Yesterday’s revelation that Equifax’s credit report assistance Web page was spotted redirecting visitors to malware resulted in the company temporarily disabling …
Showtime’s Web sites roped visitors’ CPU into mining cryptocurrency
Here’s the latest good reason for users to block JavaScript: if you don’t, your computer’s CPU power could be used to mine cryptocurrency without your …
