Researchers Uncover New Cybersecurity Campaign Using Malicious JavaScript Injections

Cybersecurity researchers have discovered a new campaign utilizing malicious JavaScript injections to redirect visitors of websites on mobile devices to a Chinese adult content progressive web application (PWA), which is a scam. According to Himanshu Anand, a researcher at c/side, although the payload is a known adult gambling scam, the distribution method stands out for its originality. The redirection leads to a malicious landing page.