Summary
On April 2, 2026, a phishing campaign targeting Balkans-region businesses was identified, using a local language fake invoice email with a spoofed attachment image that links to a malicious JavaScript file hosted on Discord's CDN. The multi-stage infection chain is consistent with a broader Malware-as-a-Service operation documented since late 2025.
Take Action:
If you receive emails with invoices or shipping documents - especially if it's unexpected or from free email addresses like Gmail claiming to be a company - don't click on any attachments or links! Instead, verify directly with the sender through their official company website or phone number.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)