Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.
This repository demonstrates a remote script swapping vulnerability in web applications, using a coin flip to randomly serve either a safe or a malicious PowerShell script from two different URLs.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results