Jscrambler npm Package Compromised: Check Five Malicious Versions
Five malicious Jscrambler npm releases ran a cross-platform infostealer. Check versions, lockfiles, persistence, sessions, and exposed secrets.
Gridinsoft security desk
Fresh malware news, scam explainers, removal guides, browser fixes, and field notes from the Gridinsoft research team. Start with the alert, then move to the fix.
Five malicious Jscrambler npm releases ran a cross-platform infostealer. Check versions, lockfiles, persistence, sessions, and exposed secrets.
CERT/CC warns that several Tenda router firmware builds contain a hidden admin backdoor. Check affected versions and reduce…
Avalon malware uses legal-document lures, ISO images, LNK shortcuts, and MSBuild before CrownX ransomware appears. Here is what…
One Xeno Executor bundle delivered Salat Stealer, while a different hash scanned clean. Compare samples, check wios.exe and Defender changes, then clean…
SUCKS 2 SUCK ransomware adds .encrypted, drops !.txt, and shows a 10-attempt lock screen. Isolate the PC, remove malware, and recover files…
Static analysis of a suspicious Payment to Bank Details DOCX attachment with a broken altChunk/RTF import chain, missing payload part, and no proven callback.
Old Favorites and .url shortcuts can be flagged when saved sites become phishing, scam, or adware…
A technical analysis of an SF Express e-invoice HTML attachment that steals email passwords through Telegram…
Runechat.com is flagged as phishing with a 3/100 trust score. Learn why not to log in,…
Is Echo.ac malware? Learn when Echo Anti-Cheat is legitimate, why echo_driver.sys needs verification, and what to…
SocGholish, also called FakeUpdates, uses fake browser update prompts on compromised sites. Learn what to do…
Learn what Trojan.Malware.300983.susgen means in VirusTotal results, when it is likely a false positive, and when…
Seeing Behavior:Win32/BrowserKill.A!MTB in Microsoft Defender? Learn what the alert means, what to check in cmd.exe and…
Neshta.Virus.FileInfector.DDS is a file-infector alert. Learn what a Recycle Bin hit means, what to check, when…
Troubleshooting
Learn what igfxpers.exe does, when Intel Persistence Module is safe to disable, and which…
Troubleshooting
Learn what hkcmd.exe does, when the Intel hotkey startup entry is safe to disable,…
Troubleshooting
igfxtray.exe is usually an Intel graphics tray helper. Check the path, signature, startup behavior,…
Troubleshooting
MSASCuiL.exe is usually a Windows Defender startup component. Check the path, Microsoft signature, and…
Troubleshooting
RAVBg64.exe is usually a Realtek audio process. Learn safe paths, signature checks, high-CPU fixes,…
Tips & Tricks
A fake Legal Payroll & Tax Audit shared document email pushes an Open Share…
Troubleshooting
USB malware removal is a decision: scan the drive, run an offline scan, or…
Tips & Tricks
VirusTotal is useful for hashes, URLs, and public samples, but private documents, source code,…
Tips & Tricks
Is 123Movies safe? Learn clone-site risks from fake play buttons, redirects, notifications, downloads, card…
Tips & Tricks
WatchCartoonOnline and WCO clone domains are not child-safe. Learn the risks from fake play…
Tips & Tricks
The Pirate Bay is not a safe download source. Learn how fake mirrors, ads,…
Tips & Tricks
MoviesJoy-like streaming sites can expose users to fake play buttons, redirects, notification spam, and…