Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.
The Hacker News

Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer

Microsoft reveals ClickFix campaign abusing Windows Terminal to deliver Lumma Stealer and steal browser credentials.
Redmondmag.com

Signed Malware Impersonating Workplace Apps Used To Deploy RMM Backdoors

Microsoft's Defender Security Research Team has identified a series of phishing campaigns in which an unknown attacker used digitally signed malware masked as common workplace applications to deploy ...