{"id":15751,"date":"2025-04-18T12:03:00","date_gmt":"2025-04-18T12:03:00","guid":{"rendered":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/18\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\/"},"modified":"2025-04-18T12:03:00","modified_gmt":"2025-04-18T12:03:00","slug":"multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news","status":"publish","type":"post","link":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/18\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\/","title":{"rendered":"Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader info@thehackernews.com (The Hacker News)"},"content":{"rendered":"<p>A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader.<br \/>\n&#8220;Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution,&#8221; Palo Alto Networks Unit 42 researcher Saqib Khanzada said in a technical write-up of the campaign.<br \/>\nThe<a href=\"https:\/\/thehackernews.com\/2025\/04\/multi-stage-malware-attack-uses-jse-and.html\" target=\"_blank\" class=\"feedzy-rss-link-icon\">Read More<\/a>\u00a0<\/p>","protected":false},"excerpt":{"rendered":"<p>A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. &#8220;Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution,&#8221; Palo Alto Networks Unit 42 researcher Saqib Khanzada said in a technical write-up of the campaign. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":15752,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-15751","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.8 - aioseo.com -->\n\t<meta name=\"description\" content=\"A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. &quot;Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution,&quot; Palo Alto Networks Unit 42 researcher Saqib Khanzada said in a technical write-up of the campaign.\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"admin\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/sekuritasit.com\/index.php\/2025\/04\/18\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.8\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Sekuritas IT \u203a Creative solutions to unique challenges.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta property=\"og:description\" content=\"A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. &quot;Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution,&quot; Palo Alto Networks Unit 42 researcher Saqib Khanzada said in a technical write-up of the campaign.\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/sekuritasit.com\/index.php\/2025\/04\/18\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\/\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2025-04-18T12:03:00+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2025-04-18T12:03:00+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100086973577423\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader info@thehackernews.com (The Hacker News) \u203a Sekuritas IT\" \/>\n\t\t<meta name=\"twitter:description\" content=\"A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. &quot;Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution,&quot; Palo Alto Networks Unit 42 researcher Saqib Khanzada said in a technical write-up of the campaign.\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/18\\\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\\\/#blogposting\",\"name\":\"Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"headline\":\"Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader info@thehackernews.com (The Hacker News)\",\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2025\\\/04\\\/malware-infection-ClN4W9.jpeg\",\"width\":728,\"height\":380},\"datePublished\":\"2025-04-18T12:03:00+00:00\",\"dateModified\":\"2025-04-18T12:03:00+00:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/18\\\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/18\\\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\\\/#webpage\"},\"articleSection\":\"Uncategorized\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/18\\\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sekuritasit.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"position\":2,\"name\":\"Uncategorized\",\"item\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/18\\\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\\\/#listItem\",\"name\":\"Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader info@thehackernews.com (The Hacker News)\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/18\\\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\\\/#listItem\",\"position\":3,\"name\":\"Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader info@thehackernews.com (The Hacker News)\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\",\"name\":\"Sekuritas IT\",\"description\":\"Creative solutions to unique challenges.\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100086973577423\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/18\\\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g\",\"width\":96,\"height\":96,\"caption\":\"admin\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/18\\\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\\\/#webpage\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/18\\\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\\\/\",\"name\":\"Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader info@thehackernews.com (The Hacker News) \\u203a Sekuritas IT\",\"description\":\"A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. \\\"Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution,\\\" Palo Alto Networks Unit 42 researcher Saqib Khanzada said in a technical write-up of the campaign.\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/18\\\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/admin\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/wp-content\\\/uploads\\\/2025\\\/04\\\/malware-infection-ClN4W9.jpeg\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/18\\\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\\\/#mainImage\",\"width\":728,\"height\":380},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2025\\\/04\\\/18\\\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\\\/#mainImage\"},\"datePublished\":\"2025-04-18T12:03:00+00:00\",\"dateModified\":\"2025-04-18T12:03:00+00:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"name\":\"Sekuritas IT\",\"alternateName\":\"Sekuritas\",\"description\":\"Creative solutions to unique challenges.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. \"Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution,\" Palo Alto Networks Unit 42 researcher Saqib Khanzada said in a technical write-up of the campaign.","canonical_url":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/18\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/18\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\/#blogposting","name":"Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","headline":"Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader info@thehackernews.com (The Hacker News)","author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2025\/04\/malware-infection-ClN4W9.jpeg","width":728,"height":380},"datePublished":"2025-04-18T12:03:00+00:00","dateModified":"2025-04-18T12:03:00+00:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/18\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\/#webpage"},"isPartOf":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/18\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\/#webpage"},"articleSection":"Uncategorized"},{"@type":"BreadcrumbList","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/18\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","position":1,"name":"Home","item":"https:\/\/sekuritasit.com","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","position":2,"name":"Uncategorized","item":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/18\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\/#listItem","name":"Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader info@thehackernews.com (The Hacker News)"},"previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/18\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\/#listItem","position":3,"name":"Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader info@thehackernews.com (The Hacker News)","previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}}]},{"@type":"Organization","@id":"https:\/\/sekuritasit.com\/#organization","name":"Sekuritas IT","description":"Creative solutions to unique challenges.","url":"https:\/\/sekuritasit.com\/","sameAs":["https:\/\/www.facebook.com\/profile.php?id=100086973577423"]},{"@type":"Person","@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author","url":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/","name":"admin","image":{"@type":"ImageObject","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/18\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/d7e1b280a86a35aded993a38df224bb7b360b70bfbabceccbea7c0ef0ab5e175?s=96&d=retro&r=g","width":96,"height":96,"caption":"admin"}},{"@type":"WebPage","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/18\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\/#webpage","url":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/18\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\/","name":"Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","description":"A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. \"Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution,\" Palo Alto Networks Unit 42 researcher Saqib Khanzada said in a technical write-up of the campaign.","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/sekuritasit.com\/#website"},"breadcrumb":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/18\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\/#breadcrumblist"},"author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"creator":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/admin\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/sekuritasit.com\/wp-content\/uploads\/2025\/04\/malware-infection-ClN4W9.jpeg","@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/18\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\/#mainImage","width":728,"height":380},"primaryImageOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/18\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\/#mainImage"},"datePublished":"2025-04-18T12:03:00+00:00","dateModified":"2025-04-18T12:03:00+00:00"},{"@type":"WebSite","@id":"https:\/\/sekuritasit.com\/#website","url":"https:\/\/sekuritasit.com\/","name":"Sekuritas IT","alternateName":"Sekuritas","description":"Creative solutions to unique challenges.","inLanguage":"en-US","publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"}}]},"og:locale":"en_US","og:site_name":"Sekuritas IT \u203a Creative solutions to unique challenges.","og:type":"article","og:title":"Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","og:description":"A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. &quot;Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution,&quot; Palo Alto Networks Unit 42 researcher Saqib Khanzada said in a technical write-up of the campaign.","og:url":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/18\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\/","article:published_time":"2025-04-18T12:03:00+00:00","article:modified_time":"2025-04-18T12:03:00+00:00","article:publisher":"https:\/\/www.facebook.com\/profile.php?id=100086973577423","twitter:card":"summary_large_image","twitter:title":"Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader info@thehackernews.com (The Hacker News) \u203a Sekuritas IT","twitter:description":"A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. &quot;Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution,&quot; Palo Alto Networks Unit 42 researcher Saqib Khanzada said in a technical write-up of the campaign."},"aioseo_meta_data":{"post_id":"15751","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2025-04-18 12:53:01","updated":"2025-10-15 14:40:51","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/\" title=\"Uncategorized\">Uncategorized<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tMulti-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader info@thehackernews.com (The Hacker News)\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/sekuritasit.com"},{"label":"Uncategorized","link":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/"},{"label":"Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader info@thehackernews.com (The Hacker News)","link":"https:\/\/sekuritasit.com\/index.php\/2025\/04\/18\/multi-stage-malware-attack-uses-jse-and-powershell-to-deploy-agent-tesla-and-xloader-infothehackernews-com-the-hacker-news\/"}],"_links":{"self":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/15751","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/comments?post=15751"}],"version-history":[{"count":0,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/15751\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media\/15752"}],"wp:attachment":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media?parent=15751"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/categories?post=15751"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/tags?post=15751"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}