Abusing Windows File Explorer and WebDAV for Malware Delivery

Ali Nemati4 days ago35 sec read33 views

WebDAV is exploited by threat actors to deliver malware via Windows File Explorer, tricking victims into believing files are local rather than remote. This tactic involves using URL shortcut (.url) and LNK files to open WebDAV links that appear safe but actually download malicious scripts or executables from controlled servers. Pop-up warnings in File Explorer can be easily ignored by users, leading to successful execution of payloads like XWorm RAT, Async RAT, and DcRAT. German language finance-themed emails are the most common vector for this attack, followed by English language campaigns.

Read the full article at Cofense

Want to create content about this topic? Use Nemati AI tools to generate articles, social posts, and more.

Comments

I added CI/CD support to my natural language API testing CLI

The author of Octrafic released version 0.4.0, adding CI/CD support through a new headless mode that allows non-interactive testing and integration in...The author of Octrafic released version 0.4.0, adding CI/CD support through a new headless mode that allows non-interactive testing and integration into pipelines. This update is crucial for content creators and developers looking to streamline API t...

Ali Nemati

AI & Machine Learning21 hours ago24 sec read

What Happens When You Put "n" Billion Weights in Your RAM

The article discusses the technical aspects of running large language models locally, focusing on memory usage and computational requirements. It high...The article discusses the technical aspects of running large language models locally, focusing on memory usage and computational requirements. It highlights the shift from viewing AI as a distant service to understanding its internal workings firstha...

Ali Nemati

AI & Machine Learning23 hours ago26 sec read

How to Run LLMs Locally on Your iPhone in 2026 (Completely Offline, No Subscription)

Off Grid is an open-source app that allows users to run large language models directly on their iPhone without internet connection after initial downl...Off Grid is an open-source app that allows users to run large language models directly on their iPhone without internet connection after initial download. This development leverages Apple's powerful Neural Engine and Metal framework for efficient loc...

Ali Nemati

Cybersecurity1 day ago38 sec read

Security Affairs newsletter Round 565 by Pierluigi Paganini - INTERNATIONAL EDITION

This week's cybersecurity newsletter covers a range of topics including cyberattacks on organizations like Olympique Marseille and ManoMano, new malwa...This week's cybersecurity newsletter covers a range of topics including cyberattacks on organizations like Olympique Marseille and ManoMano, new malware such as Arkanix Stealer and Dohdoor, vulnerabilities in AI frameworks like Claude Code, and explo...

Ali Nemati

AI & Machine Learning1 day ago28 sec read

Memory Scaffolding Shapes LLM Inference: How Persistent Context Changes What AI Builds

The article demonstrates how persistent memory scaffolding significantly alters Large Language Model (LLM) outputs and reasoning processes, even when ...The article demonstrates how persistent memory scaffolding significantly alters Large Language Model (LLM) outputs and reasoning processes, even when using identical prompts and models. This technique injects context that shapes architectural density...

Ali Nemati

Abusing Windows File Explorer and WebDAV for Malware Delivery

Related Articles

I added CI/CD support to my natural language API testing CLI

What Happens When You Put "n" Billion Weights in Your RAM

How to Run LLMs Locally on Your iPhone in 2026 (Completely Offline, No Subscription)

Security Affairs newsletter Round 565 by Pierluigi Paganini - INTERNATIONAL EDITION

Memory Scaffolding Shapes LLM Inference: How Persistent Context Changes What AI Builds