Serpentine#Cloud Uses Cloudflare Tunnels in Sneak Attacks www.darkreading.com/cloud-sec…
Threat actors are using .lnk shortcut files to deliver remote payloads in a sophisticated campaign, according to research that security vendor Securonix published today.
In this malware campaign, tracked as “Serpentine#Cloud,” the attacker leverages “Cloudflare Tunnel infrastructure and Python-based loaders to deliver memory-injected payloads through a chain of shortcut files and obfuscated scripts,” the researchers explained.