NPM package caught using QR Code to fetch cookie-stealing malware

Newly discovered npm package 'fezbox' employs QR codes to hide a second-stage payload to steal cookies from a user's web browser. The package, masquerading as a utility library, leverages this ...
Security Boulevard

Gin & Juice Shop Benchmark: How DAST Tools Really Stack Up

In this article, we benchmark Escape against other DAST tools. Focusing on Gin & Juice Shop, we compare results across ...
WeLiveSecurity

Watch out for SVG files booby-trapped with malware

What you see is not always what you get as cybercriminals increasingly weaponize SVG files as delivery vectors for stealthy malware.