Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.
GitHub

An universal Office "activation" hook with main focus of enabling full functionality of subscription editions.

This project is released mainly for our partners. We won't be directly providing any kind of support for users. copy /y sppc64.dll "%programfiles%\Microsoft Office ...