Cybersecurity

Malspam Attack Uses Google DoubleClick Redirects to Deliver Fileless .NET Loader

29 sec read5 views0 listens

A malspam campaign discovered in May 2026 exploits Google's DoubleClick infrastructure to deliver a sophisticated fileless .NET loader targeting German-speaking businesses. The loader runs entirely in memory, patches Windows' built-in telemetry (AMSI and ETW), and injects into legitimate Microsoft-signed processes to evade detection. This attack demonstrates how adversaries abuse trusted services to bypass security controls, highlighting the need for email authentication protocols, sandbox scanning, and behavioral analysis beyond traditional file-based detection.

Read the full article at Cyber Security News

Want to create content about this topic? Use Nemati AI tools to generate articles, social posts, and more.

PCPJack Exposed: Researchers Uncover 230-Node Cloud Email Relay Network

Researchers have uncovered a 230-node cloud-based email relay network operated by the threat actor PCPJack, revealed due to exposed C2 tools and logs. The operation utilizes compromised cloud servers across AWS, Google Cloud, and Azure, with a toolki...

Ali Nemati

Cybersecurity1 day ago29 sec read

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 100

Recent malware campaigns are exploiting Steam community profiles for command-and-control operations and utilizing deceptive interfaces to steal sensitive AI tokens from developers. Security professionals now have access to specialized analysis tools ...

Ali Nemati

Cybersecurity1 day ago30 sec read

CISA Warns of Linux Kernel Improper Authentication Vulnerability Exploited in Attacks

A critical Linux kernel vulnerability, CVE-2022-0492, has been added to CISA's exploited vulnerabilities catalog, posing a significant privilege escalation risk through improper authentication in cgroups v1. This flaw enables local attackers to execu...

Ali Nemati

Cybersecurity3 days ago31 sec read

The Good, the Bad and the Ugly in Cybersecurity - Week 23

A joint operation between U.S. agencies and private tech firms resulted in the disruption of 1.4 million social media accounts linked to transnational cryptocurrency fraud networks in Southeast Asia. This initiative demonstrates the increasing effica...

Ali Nemati

Cybersecurity3 days ago32 sec read

Infosec News Nuggets - June 5, 2026

Recent cybersecurity threats include hackers spying on a stock exchange executive's email for five months using cloud storage to disguise data exfiltration, and a Visual Studio Code zero-day vulnerability enabling one-click GitHub token theft. Additi...

Ali Nemati

Malspam Attack Uses Google DoubleClick Redirects to Deliver Fileless .NET Loader

Related Articles

PCPJack Exposed: Researchers Uncover 230-Node Cloud Email Relay Network

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 100

CISA Warns of Linux Kernel Improper Authentication Vulnerability Exploited in Attacks

The Good, the Bad and the Ugly in Cybersecurity - Week 23

Infosec News Nuggets - June 5, 2026