From Inbox to Intrusion: Multi‑Stage Remcos RAT and C2‑Delivered Payloads in Network

This multi-stage fileless Remcos RAT attack leverages a phishing-delivered JavaScript dropper to trigger a reflective PowerShell loader that executes payloads entirely in memory. The infection chain utilizes obfuscation techniques like rotational XOR and Base64 encoding to reconstruct .NET payloads, significantly reducing the disk-based detection footprint. Stealth is maintained by using aspnet_compiler.exe as a LOLBin to proxy malicious execution and dynamically retrieving the final payload from a remote C2 server.

Pulse ID: 69cd1ac8518646002a1a0fbc
Pulse Link: https://otx.alienvault.com/pulse/69cd1ac8518646002a1a0fbc
Pulse Author: AlienVault
Created: 2026-04-01 13:16:56

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#ASPNet #ASPNet_Compiler #CyberSecurity #InfoSec #Java #JavaScript #NET #OTX #OpenThreatExchange #Phishing #PowerShell #Proxy #RAT #Remcos #RemcosRAT #bot #AlienVault

#oracle #AI

On the one hand I kinda wish for Oracle Tobie fail spectacularly, on the other I fear It would affect terribly #Java :/

Aprende los fundamentos del patrón de creación centralizada de usuarios (Admin-provisioned accounts) en una aplicación Spring Boot con Spring Security.
Mejora la seguridad de tus aplicaciones!

#Java

https://youtu.be/zUGeIj4FbH8

Nota: imagen generada con IA.

👀 Still deciding which session to attend?

Join me for “RAG in the Wild” and learn what it really takes to implement RAG in your systems.

📍 Room 10
⏰ 16:25
#VoxxedDaysAmsterdam

#GenAI #RAG #Java #SoftwareArchitecture #vdams26

ApproveJ 1.6.0 is here 🚀

✨ Inline Value Updates update approved value in your test source
📸 Enhanced Visual Feedback with diff
🤖 AI Assisted Reviews

👉 https://approvej.org
🔗 Full Changelog: https://lnkd.in/eyTtdR_3

#ApproveJ #Java #SoftwareTesting #OpenSource #VisualTesting #IntelliJ #DX #CleanCode

North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack | Google Cloud Blog

A North Korea-Nexus threat actor is targeting a popular JavaScript package, which is used by millions of users, to deliver malware on Windows, macOS, Linux and other operating systems, analysis shows.

Pulse ID: 69cd12aea363839ddf9b50f1
Pulse Link: https://otx.alienvault.com/pulse/69cd12aea363839ddf9b50f1
Pulse Author: CyberHunter_NL
Created: 2026-04-01 12:42:22

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Cloud #CyberSecurity #Google #InfoSec #Java #JavaScript #Korea #Linux #Mac #MacOS #Malware #NPM #NorthKorea #OTX #OpenThreatExchange #RAT #SupplyChain #Windows #bot #iOS #CyberHunter_NL

Harness is hiring Staff Software Engineer

🔧 #golang #java #python #api #graphql #grpc #rest #aws #azure #cicd #docker #gcp #kubernetes #mongodb #sql
🌎 Belfast, Northern Ireland, United Kingdom
⏰ Full-time
🏢 Harness

Job details https://jobsfordevelopers.com/jobs/staff-software-engineer-at-harness-io-nov-21-2025-808f67?utm_source=mastodon.world&utm_medium=social&utm_campaign=posting
#jobalert #jobsearch #hiring