The Hacker News

GootLoader Malware Uses 500–1,000 Concatenated ZIP Archives to Evade Detection

GootLoader malware is abusing malformed ZIP archives that bypass common tools like WinRAR & deliver JavaScript payloads via ...
PCquest.com on MSN

This New Windows Malware Hides in Plain Sight to Install Remcos RAT

SHADOW#REACTOR malware uses scripts and Windows tools to deploy Remcos RAT quietly, bypass defenses, and gain lasting remote ...
Infosecurity Magazine

Versatile Malware Loader pkr_mtsi Delivers Diverse Payloads

The packer plays a key role in initial access operations. Rather than delivering a single malware family, pkr_mtsi has been ...
The Hacker News

New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack

SHADOW#REACTOR is a malware campaign using VBS, PowerShell, and MSBuild to stealthily deploy Remcos RAT with persistent ...
Hosted on MSN

Gootloader malware returns with fake NDA scam - here's what we know

Gootloader malware resurfaces using malvertising and SEO poisoning to spread infections Attackers now obfuscate malware names using deceptive web fonts and glyph swapping Loader delivers ransomware, ...
Bleeping Computer

Fake MAS Windows activation domain used to spread PowerShell malware

A typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell scripts that infect Windows systems with the 'Cosmali Loader'.

ClickFix attack uses fake Windows BSOD screens to push malware

A new ClickFix social engineering campaign is targeting the hospitality sector in Europe, using fake Windows Blue Screen of ...
Wired

A Security Team Is Turning This Malware Gang’s Tricks Against It

Certain cybercriminal groups like ransomware gangs, botnet operators, and financial fraud scammers get specific attention for their attacks and operations. But the larger ecosystem that underlies ...