TGTGInsighttelegram intelligenceLIVE / telegram public index
← The Hacker News
View original
The Hacker News avatar

TGINSIGHT POST

Post #8550

@thehackernews

The Hacker News

Views11,500Post view count
PostedMar 603/06/2026, 02:35 PM
Post content

Post content

⚠️ VOID#GEIST malware delivers 3 RATs: XWorm, AsyncRAT, and Xeno RAT through a layered script chain. Phishing emails pull a batch file from TryCloudflare, open a fake invoice PDF, then use Python to decrypt shellcode and inject it into explorer.exe via Early Bird APC. 🔗 Inside the full fileless attack chain → https://thehackernews.com/2026/03/multi-stage-voidgeist-malware.html