Dark Reading

China-Backed 'PeckBirdy' Takes Flight for Cross-Platform Attacks

China-aligned threat actors have been using a cross-platform, multifunction JScript framework to conduct cyber-espionage attacks for the past several years, augmenting their activities with modular ...
Infosecurity-magazine.com

PeckBirdy Framework Tied to China-Aligned Cyber Campaigns

A previously undocumented script-based command-and-control (C2) framework has been linked to multiple cyber campaigns targeting gambling companies, government bodies and private organizations across ...
The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework called PeckBirdy that has been put to use by China-aligned APT actors since 2023 to target multiple ...
GitHub

The collection of Javascript / JScript / VBScript extensions, tools and more

This is the collection of the Javascript / JScript extensions and standalone scripts. It consists of the original scripts by myself and other authors with proper credits. Years ago I invented a simple ...
IEEE

A Thorough Review of the JScript Technology to Perform Client-side Code Execution Attacks

Abstract: The DotNetToJScript (DTJS) project, released in 2017, established an impressive technique for reflectively loading .NET shellcode using Windows scripting languages like JScript and VBScript.
TechAnnouncer

New Computer Virus Alert: Understanding Today’s Evolving Threats

Lately, there’s been a lot of buzz about a new computer virus, and honestly, it’s kind of a big deal. These aren’t your grandpa’s viruses anymore; they’re getting super sneaky. Think fake update ...
GitHub

Fully Weaponized CVE-2021-40444

Now the generator is able to generate the document required to exploit also the "Follina" attack (leveraging ms-msdt). Although many PoC are already around the internet, I guessed to give myself a run ...