CyberAliens

28/07/2025

no matter what
master this metasploit framework

15/06/2025

ChatGPT

You said:

Reduce this article to less than 200 words; Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month. Cybersecurity researchers are calling attention to a "large-scale campaign" that has been observed compromising legitimate websites with malicious JavaScript injections. According to Palo Alto Networks Unit 42, these malicious injects are obfuscated using JSF**k, which refers to an "esoteric and educational programming style" that uses only a limited set of characters to write and execute code. The cybersecurity company has given the technique an alternate name JSFireTruck owing to the profanity involved. "Multiple websites have been identified with injected malicious JavaScript that uses JSFireTruck obfuscation, which is composed primarily of the symbols [, ], +, $, {, and }," security researchers Hardik Shah, Brad Duncan, and Pranay Kumar Chhaparwal said. "The code's obfuscation hides its true purpose, hindering analysis." Further analysis has determined that the injected code is designed to check the website referrer ("document.referrer"), which identifies the address of the web page from which a request originated. Should the referrer be a search engine such as Google, Bing, DuckDuckGo, Yahoo!, or AOL, the JavaScript code redirects victims to malicious URLs that can deliver malware, exploits, traffic monetization, and malvertising. Unit 42 said its telemetry uncovered 269,552 web pages that have been infected with JavaScript code using the JSFireTruck technique between March 26 and April 25, 2025. A spike in the campaign was first recorded on April 12, when over 50,000 infected web pages were observed in a single day. "The campaign's scale and stealth pose a significant threat," the researchers said. "The widespread nature of these infections suggests a coordinated effort to compromise legitimate websites as attack vectors for further malicious activities." Say Hello to HelloTDS # The development comes as Gen Digital too

15/06/2025

Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month.
Cybersecurity researchers are calling attention to a "large-scale campaign" that has been observed compromising legitimate websites with malicious JavaScript injections.

According to Palo Alto Networks Unit 42, these malicious injects are obfuscated using JSF**k, which refers to an "esoteric and educational programming style" that uses only a limited set of characters to write and execute code.

The cybersecurity company has given the technique an alternate name JSFireTruck owing to the profanity involved.

"Multiple websites have been identified with injected malicious JavaScript that uses JSFireTruck obfuscation, which is composed primarily of the symbols [, ], +, $, {, and }," security researchers Hardik Shah, Brad Duncan, and Pranay Kumar Chhaparwal said. "The code's obfuscation hides its true purpose, hindering analysis."
Further analysis has determined that the injected code is designed to check the website referrer ("document.referrer"), which identifies the address of the web page from which a request originated.

Should the referrer be a search engine such as Google, Bing, DuckDuckGo, Yahoo!, or AOL, the JavaScript code redirects victims to malicious URLs that can deliver malware, exploits, traffic monetization, and malvertising.

Unit 42 said its telemetry uncovered 269,552 web pages that have been infected with JavaScript code using the JSFireTruck technique between March 26 and April 25, 2025. A spike in the campaign was first recorded on April 12, when over 50,000 infected web pages were observed in a single day.

"The campaign's scale and stealth pose a significant threat," the researchers said. "The widespread nature of these infections suggests a coordinated effort to compromise legitimate websites as attack vectors for further malicious activities."

Say Hello to HelloTDS #
The development comes as Gen Digit

19/04/2025

Interpol's "Operation Serengeti" Leads to Over 1,000 Arrests in Africa

International police organization Interpol announced the arrest of 1,006 suspects in Africa during a two-month cybercrime crackdown (September 2 – October 31) conducted with Afripol (African Union’s police agency). The operation spanned 19 African countries, targeting ransomware, business email scams, digital extortion, and online fraud.

20/06/2024

31/10/2023

Hi aliens

22/05/2023

WebKit Under Attack: Apple Issues Emergency Patches for 3 New Zero-Day Vulnerabilities
The three security shortcomings are listed below -

CVE-2023-32409 - A WebKit flaw that could be exploited by a malicious actor to break out of the Web Content sandbox. It was addressed with improved bounds checks.
CVE-2023-28204 - An out-of-bounds read issue in WebKit that could be abused to disclose sensitive information when processing web content. It was addressed with improved input validation.
CVE-2023-32373 - A use-after free bug in WebKit that could lead to arbitrary code ex*****on when processing maliciously crafted web content. It was addressed with improved memory management.

22/05/2023

Malicious Google Search ads for generative AI services like OpenAI ChatGPT and Midjourney are being used to direct users to sketchy websites as part of a BATLOADER campaign designed to deliver RedLine Stealer malware.

22/05/2023

Developer Alert: NPM Packages for Node.js Hiding Dangerous TurkoRat Malware
Two malicious packages discovered in the npm package repository have been found to conceal an open source information stealer malware called TurkoRat.

The packages – named nodejs-encrypt-agent and nodejs-cookie-proxy-agent – were collectively downloaded approximately 1,200 times and were available for more than two months before they were identified and taken down.

22/05/2023

finally inner peace :
Privacy Sandbox Initiative: Google to Phase Out Third-Party Cookies Starting 2024