Cyble researchers have uncovered a sophisticated campaign that starts with a suspicious .LNK file and uses VSCode to establish persistence and remote access – and installs the VSCode CLI if VSCode isn’t found on the victim machine.
This article has been indexed from Cyware News – Latest Cyber News