Cybersecurity

New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer

22 JUN 2026

Researchers detail REF8372, a malvertising campaign using fake Node.js ads, Storj-hosted payloads, and OXLOADER to deploy CastleStealer.

More info