Fake MAS Windows activation domain used to spread PowerShell malware

A typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell ...
The Hacker News

China-Linked Evasive Panda Ran DNS Poisoning Campaign to Deliver MgBot Malware

China-linked Evasive Panda used DNS poisoning to deliver the MgBot backdoor in targeted espionage attacks from 2022 to 2024.