Hackers are abusing DOCX, RTF, JavaScript, PowerShell, and Python to deliver an in‑memory Cobalt Strike beacon in a stealthy spear‑phishing campaign that impersonates Boeing procurement under the tag NKFZ5966PURCHASE. The operation chains six stages, relies heavily on living‑off‑the‑land binaries, and reuses the same encryption keys across all known samples, creating both strong evasion and clear […]

The post RFQ Malware Campaign Uses DOCX, RTF, JS, and Python appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/rfq-malware-campaign/