Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

Fake Claude Code install guides push infostealers in InstallFix attacks

Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users into running malicious commands under the pretext of installing legitimate ...
GitHub

install-new-teams-v2.ps1

including the Outlook Add-in and sets required registry keys for Citrix VDA as well. The new Teams is based on EdgeWebView Runtime and willbe installed as well. You ...