The threat actors behind a malware family known as RomCom targeted a U.S.-based civil engineering company via a JavaScript loader dubbed SocGholish to deliver the Mythic Agent.”This is the first time that a RomCom payload has been observed being distributed by SocGholish,” Arctic Wolf Labs researcher Jacob Faires said in a Tuesday report.The activity has been attributed with medium-to-high
First seen on thehackernews.com
Jump to article: thehackernews.com/2025/11/romcom-uses-socgholish-fake-update.html
