A developing threat activity cluster has been found using Google Ads in one of its campaigns to distribute various post-compromise payloads, including the recently discovered Royal ransomware.
Microsoft, which spotted the updated malware delivery method in late October 2022, is tracking the group under the name DEV-0569.
“Observed DEV-0569 attacks show a pattern of continuous innovation, with