The campaign exploits an Office vulnerability to deliver the modular XWorm RAT, chaining HTA, PowerShell, and in-memory .NET execution to sidestep detection and expand post-compromise control.
A threat actor is exploiting last year's Follina (RCE) remote code execution vulnerability to deploy the XWORM remote access trojan (RAT) and data-stealer against targets in the hospitality industry.
In a newly disclosed multi-stage threat campaign, attackers were seen skipping disk and leaning on in-memory tricks to deliver the XWorm remote access trojan (RAT). According to Forcepoint Labs’ ...
You don’t need to be a sophisticated attacker to cause serious damage to businesses anymore. Not when malware like XWorm is this cheap, available, and easy to use. XWorm is a type of Remote Access ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results