Threat actors have exploited hacked high-ranking legitimate websites to enable BadSpace malware backdoor distribution on Windows machines. The threat actor employs a multi-stage attack chain involving an infected website, a command-and-control (C2) server, in some cases, a fake browser update, and a JScript downloader to deploy a backdoor into the victim's system. BadSpace is a backdoor Trojan that secretly installs itself on a computer, giving cybercriminals remote access and control. It can
fakeupdates (2)
Hundreds of regional and national news websites in the United States are delivering malware because of a supply chain attack involving one of their service providers. Cybersecurity researchers reported on 02 November 2022 that a threat actor it tracks as TA569 appears to be behind the attack. The hackers have targeted an unnamed media company that serves many news outlets in the US.
The service provider delivers content to its partners via a JavaScript file. The attacker modified the noted cod
