The Russian state-sponsored group behind the RomCom malware family used the SocGholish loader for the first time to launch an attack on a U.S.-based civil engineering firm, continuing its targeting of organizations that offer support to Ukraine in its ongoing war with its larger neighbor.
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2025/11/russian-backed-threat-group-uses-socgholish-to-target-u-s-company/

