❌

Reading view

Vidar Stealer Unmasked: Code Signing Abuse, Go Loaders and File Inflation

A cybercrime campaign combined a loader-as-a-service framework and DLL sideloading via a Go-compiled fake MpClient.dll, a novel evasion layer combination.

The post Vidar Stealer Unmasked: Code Signing Abuse, Go Loaders and File Inflation appeared first on Unit 42.

  •  

CL-STA-1062 Targets Southeast Asian Governments and Critical Infrastructure

Government entities and critical infrastructure were targeted for espionage in SE Asia by attackers using a hybrid toolkit, including custom TinyRCT backdoor.

The post CL-STA-1062 Targets Southeast Asian Governments and Critical Infrastructure appeared first on Unit 42.

  •  

OpenClaw’s Skill Marketplace and the Emerging AI Supply Chain Threat

Unit 42's analysis of ClawHub revealed evasive malicious skills bypassing automated scanners to deploy infostealers and execute agentic financial fraud.

The post OpenClaw’s Skill Marketplace and the Emerging AI Supply Chain Threat appeared first on Unit 42.

  •  
  •  
❌