Post #8194

Researchers uncovered SHADOW#REACTOR, a multi-stage campaign delivering Remcos RAT. It starts with an obfuscated VBS launcher, moves through PowerShell, and rebuilds fragmented text payloads in memory. The defining trait is text-only stagers and LOLBin abuse to reduce detection. 🔗 Read → https://thehackernews.com/2026/01/new-malware-campaign-delivers-remcos.html