Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks

Updated on May 16, 2025

Cybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote access trojan called Remcos RAT.
“Threat actors delivered malicious LNK files embedded within ZIP archives, often disguised as Office documents,” Qualys security researcher Akshay Thorve said in a technical report. “The attack chain leverages mshta.exe for…

Read the rest of the story at Read More

Source: The Hacker News

October 21, 2024 Uncategorized

Chinese Nation-State Hackers APT41 Hit G...

July 25, 2024 Uncategorized

6 Types of Applications Security Testing...

April 14, 2025 Uncategorized

Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks

Related posts

Chinese Nation-State Hackers APT41 Hit G...

6 Types of Applications Security Testing...

Phishing Campaigns Use Real-Time Checks ...

Leave a Comment Cancel reply

Recent News

GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets

Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection

Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage

INTERPOL Arrests 1,209 Cybercriminals Across 18 African Nations in Global Crackdown

Automation Is Redefining Pentest Delivery

Ex-Developer Jailed Four Years for Sabotaging Ohio Employer with Kill-Switch Malware

Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks

Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages

Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger

Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025