Malwarebytes Labs discovered a Bing ad disguised as a link to install NordVPN, which instead led to a remote access trojan named SecTopRAT. The researchers found that the trojan could control browser sessions and send system information to an attacker’s control server. The deceptive ad was reported to Microsoft and Dropbox, the latter of which has since removed the linked account. Despite this, the malvertising campaign may still be active under a different identity.

Federal firings and office closures create concerns for miners
Sweeping layoffs and federal office closures in the US are raising concerns about miner safety and health. Notably, 873 staff cuts are expected from the