from The Hacker News
4 hours ago
SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats
The activity "reveals a notable evolution in SideWinder's TTPs, particularly the adoption of a novel PDF and ClickOnce-based infection chain, in addition to their previously documented Microsoft Word exploit vectors," Trellix researchers Ernesto Fernández Provecho and Pham Duy Phuc said in a report published last week. The attacks, which involved sending spear-phishing emails in four waves from March through September 2025, are designed to drop malware families such as ModuleInstaller and StealerBot to gather sensitive information from compromised hosts.
Information security