Post #8524

@thehackernews

The Hacker News

Views10,700Post view count

PostedMar 303/03/2026, 05:17 PM

Post content

Threat actors deployed modified Havoc C2 after posing as IT support. They spam-bombed targets, called them directly to gain remote access, sent victims to a fake Outlook “anti-spam” page to steal credentials, then used DLL sideloading and legit RMM tools to move to nine endpoints in 11 hours. 🔗 Read → https://thehackernews.com/2026/03/fake-tech-support-spam-deploys.html