VERY IMPORTANT

Arctic Wolf Labs discovered a new campaign by Venom Spider targeting corporate HR departments with fake resumes containing the More_eggs backdoor. The financially motivated threat group uses spear-phishing emails and abuses legitimate job platforms to apply for real jobs. The backdoor can steal credentials, customer data, and intellectual property. Several upgrades were found, including server-side polymorphism and evasion techniques. The attack chain involves obfuscated JavaScript, LNK files, and a dropper that generates polymorphic code. Organizations are advised to train employees on phishing awareness, especially those in HR who regularly open attachments from unknown senders.