In both campaigns, attackers hid malicious code in images they uploaded to archive[.]org, a file-hosting website, and used the same .NET loader to install their final payloads.

  • unlogic@lemmy.zip
    4 days ago

    And it’s not the image that’s the attack vector, it’s still a VBScript in an Excel document that downloads the image as its malware payload, decodes the malware and executes it.