WeLiveSecurity

Wslink: Unique and undocumented malicious loader that runs as a server

ESET researchers have discovered a unique and previously undescribed loader for Windows binaries that, unlike other such loaders, runs as a server and executes received modules in memory. We have ...
The Hacker News

New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack

SHADOW#REACTOR is a malware campaign using VBS, PowerShell, and MSBuild to stealthily deploy Remcos RAT with persistent ...
Threat Post

.WAVs Hide Malware in Their Depths in Innovative Campaign

Two different payloads are hiding in audio files, each paired with one of three loaders. Audio .WAV files are the latest hiding place for obfuscated malicious code; a campaign has been spotted in ...
Threat Post

Nim-Based Malware Loader Spreads Via Spear-Phishing Emails

Spear-phishing emails are spreading the NimzaLoader malware loader, which some say may be used to download Cobalt Strike. The TA800 threat group is distributing a malware loader, which researchers ...
CSOonline

Hard-to-detect malware loader distributed via AI-generated YouTube videos

Security researchers warn of a new malware loader that’s used as part of the infection chain for the Aurora information stealer. The loader uses anti-virtual-machine (VM) and unusual compilation ...

Gootloader now uses 1,000-part ZIP archives for stealthy delivery

The Gootloader malware, typically used for initial access, is now using a malformed ZIP archive designed to evade detection ...
PCQuest on MSN

This new Windows malware hides in plain sight to install Remcos RAT

It does not crash systems or raise alarms. It blends into everyday Windows activity and works quietly in the background. By the time it is noticed, control may already be lost.Security teams are ...