Threat actors are increasingly abandoning traditional compiled malware in favor of legitimate scripting engines to evade detection. In a sophisticated recent intrusion, attackers deployed a modular Remote Access Trojan (RAT) using Deno, a secure JavaScript and TypeScript runtime. By combining aggressive social engineering with a fragmented, microservice-like architecture, the attackers successfully bypassed initial endpoint security. […]
The post Deno-Based Malware Abuses CloudFront WebSocket C2 for Remote Access and Internal Pivoting appeared first on Cyber Security News.