Post #8665

🚨 A malvertising campaign uses tax searches to deliver kernel-level EDR killers via rogue ScreenConnect installers. Cloaking hides payloads; a signed Huawei driver is abused via BYOVD to disable Defender, Kaspersky, and SentinelOne before credential theft and lateral movement. 🔗 Read → https://thehackernews.com/2026/03/tax-search-ads-deliver-screenconnect.html