VBScript 重出江湖:WhatsApp 假文档传播 RMM 远控软件

2026年6月,我们观测到一场通过WhatsApp私信(direct messages)传播恶意VBScript文件的恶意软件攻击活动。该活动影响了包括马来西亚、巴西、印度、墨西哥、新加坡、英国、西班牙、台湾地区、澳大利亚、俄罗斯和越南在内的多个国家和地区的用户,其中马来西亚观测到的受害者数量最多。在撰写本文时,此次攻击活动仍在持续进行。
Windows Report

WhatsApp Malware Campaign Targets Users With Fake Business Documents

Kaspersky warns of a WhatsApp malware campaign using fake business documents to install remote access tools on Windows PCs.
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
TWCN Tech News

Convert PowerShell script (PS1) file to EXE with IExpress on Windows 11

You can wrap an executable file around a PowerShell script (PS1) so that you can distribute the script as an .exe file rather than distributing a “raw” script file. This eliminates the need to explain ...

New WhatsApp phishing campaign allows for remote access from a single business document

WhatsApp users are getting shady documents from their contacts, leading to an infection.
Newspoint on MSN

WhatsApp: Hackers targeting WhatsApp users; virus spreading under the guise of business ...

If you use WhatsApp Desktop or WhatsApp Web, you need to exercise extra caution. Cybersecurity firm Kaspersky has revealed a ...
Infosecurity Magazine

Lookalike npm Package Hides a Multi-Stage Windows RAT

A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...

WhatsApp Desktop, WhatsApp Web Users Targeted Using Malware Campaign, Kaspersky Warns

Kaspersky Global Research and Analysis Team (GReAT) discovered a malware distribution campaign targeting users of WhatsApp ...
Microsoft

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...