📄 Fake DocuSign sites hosted on GitCode are spreading malware via HTML smuggling. It’s a clever twist on a classic phish—don’t trust every “signature request.” 🧪📬
#PhishingAlert #HTMLSmuggling

https://thehackernews.com/2025/06/fake-docusign-gitcode-sites-spread.html

Netskope reports on an Azorult infostealer campaign in the wild that delivers its initial payload through HTML smuggling. It uses reflective code loading (T1620) to execute the fileless Azorult malware, and an Anti Malware Scan Interface (AMSI) bypass technique (T1562.001) to avoid detection. Netskope provides the infection chain, infostealer features and IOC. 🔗 https://www.netskope.com/blog/from-delivery-to-execution-an-evasive-azorult-campaign-smuggled-through-google-sites

#Azorult #threatintel #HTMLsmuggling #IOC #infostealer

#HTMLSmuggling #javascript

https://github.com/eddiechu/File-Smuggling

Catch up on last week's infosec news with our latest newsletter: https://opalsec.substack.com/p/soc-goulash-weekend-wrap-up-538

#RaspberryRobin continues to improve its evasion mechanisms, extracting more data from victims in the Financial sector.

#Dridex developers look to be dabbling in creating a Mac variant - but aren't quite there yet.

#HTMLSmuggling is being used increasingly over the past few months by heavy-hitting first stage malware such as Qakbot, IcedID and BumbleBee - make sure you understand how it works and how to spot it.

#infosec #CyberAttack #Hacked #cyber #cybernews #infosec #infosecnews #informationsecurity #cybersecurity #hacking #security #technology #hacker #vulnerability #vulnerabilities