A new loader called OXLOADER is being distributed via malvertising on Google and installs the infostealer CastleStealer using sophisticated obfuscation techniques with very low detection rates.
Three new malware loaders (BabaDeda, Lorem Ipsum, Potemkin) distribute via ClickFix social engineering and compromised WordPress sites to enable data theft, ransomware, and remote control.