Cybersecurity researchers have discovered a new campaign that employs malicious JavaScript injections to redirect site visitors on mobile devices to a Chinese adult-content Progressive Web App (PWA) scam.
“While the payload itself is nothing new (yet another adult gambling scam), the delivery method stands out,” c/side researcher Himanshu Anand said in a Tuesday analysis.
“The malicious landing