Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.
This script is a resurrection of ts_trains, rebuilt in Lua. Credits go to the author of ts_trains, as well as @Wartype and @t3chman for their help/info on track junctions and hashes. Credit also goes ...