Information security
fromThe Hacker News
21 hours agoGootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites
GootLoader has resurfaced, using custom WOFF2 glyph substitution and WordPress comment endpoints to deliver XOR-encrypted ZIP payloads, enabling rapid domain controller compromise and ransomware hand-offs.