MAL-2025-617 Malicious code in outlookapi (npm)

The package contains several malicious PowerShell and VBS scripts used to harvest browser data, take screenshots, log keystrokes, and establish startup persistence. It also bundles a password stealer and exfiltrates stolen data via Slack and Discord webhooks. --- -= Per source details. Do not edi...

MAL-2025-46 Malicious code in solanacore (npm)

The package contains several malicious PowerShell and VBS scripts used to harvest browser data, take screenshots, log keystrokes, and establish startup persistence. It also bundles a password stealer and exfiltrates stolen data via Slack and Discord webhooks. --- -= Per source details. Do not edi...

MAL-2025-45 Malicious code in solana-login (npm)

The package contains several malicious PowerShell and VBS scripts used to harvest browser data, take screenshots, log keystrokes, and establish startup persistence. It also bundles a password stealer and exfiltrates stolen data via Slack and Discord webhooks. --- -= Per source details. Do not edi...

Ransomware Phishing Emails Sneak Through SEGs

Secure email gateway SEG protections aren’t necessarily enough to stop phishing emails from delivering ransomware to employees, especially if the cybercrooks are using legitimate cloud services to host malicious pages. Researchers are raising the alarm over a phishing email kicking off a...

ESRI ArcMap code execution

MXD files may contain VBS scripts...

QQ 0day-vulnerability warning-the black bar safety net

Put that 3 files to\Tencent\QQ\IMScene\Scene\ Use Notepad to open the VBScript. qqs The bottom has that code. Then in the scene to someone else Download: qq.rar Related information sources: carved brand's blog） About that QQ 0day little information, and now the specific process written out, we lo...