Cybercriminals are targeting organizations with a new malware campaign that exploits Windows App-V scripts to deploy the Amatera infostealer. The attack combines social engineering tactics with legitimate Windows components, tricking users into running malicious commands through fake CAPTCHA pages. By manipulating Microsoft’s SyncAppvPublishingServer.vbs script and PowerShell, the attackers bypass traditional security defenses, making detection more difficult. Once inside, Amatera steals sensitive data such as passwords and cookies, using Google Calendar and steganography to hide its activities. To combat this threat, businesses must restrict access to system tools, monitor PowerShell activities, and provide security awareness training for employees to recognize fake verification pages. Traditional antivirus solutions are not enough—organizations need advanced endpoint detection and response to protect against these evolving tactics. ... Read More