Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.
GitHub

ML SDK VGF Library

The encoder provides a simple, high-level API for building up VGF files. It is designed for easy integration into offline tooling. The decoder is designed to be lightweight and to be included in ...