GitHub

mmc_lolbas_execution_process_spawn.yml

description: The following analytic identifies `mmc.exe` spawning a LOLBAS execution process. It leverages data from Endpoint Detection and Response (EDR) agents, focusing on process creation events ...
LinkedIn

RoyalCity Hiring Repo: Crypto Stealer Delivered Through an InfiniGods Impersonation

I received a take-home "assessment" repo that looked like a normal React/Node project. It was labeled InfiniGods / RoyalCity and presented as a villa rental and investment app. Before running anything ...
GitHub

Capture screenshots of websites from the command-line

Note to Linux users: If you get a "No usable sandbox!" error, you need to enable system sandboxing. Note to Apple silicon users: If you get a "spawn Unknown system error" error, try installing Rosetta ...
Microsoft

Threat actors misuse Node.js to deliver malware and other malicious payloads

Since October 2024, Microsoft Defender Experts (DEX) has observed and helped multiple customers address campaigns leveraging Node.js to deliver malware and other payloads that ultimately lead to ...