Cybersecurity experts have uncovered a recent malware operation that utilizes a PowerShell-based shellcode loader to install a remote access trojan known as Remcos RAT.
“Threat perpetrators distributed harmful LNK files concealed within ZIP files, frequently masquerading as Office documents,” Qualys security analyst Akshay Thorve mentioned in a technical report. “The attack sequence employs mshta.exe for