Cybersecurity researchers are calling attention to a new campaign dubbed JS#SMUGGLER that has been observed leveraging compromised websites as a distribution vector for a remote access trojan named NetSupport RAT. The attack chain, analyzed by Securonix, involves three main moving parts: An obfuscated JavaScript loader injected into a website, an HTML Application (HTA) that runs encrypted
![]()
source https://thehackernews.com/2025/12/experts-confirm-jssmuggler-uses.html
source https://thehackernews.com/2025/12/experts-confirm-jssmuggler-uses.html