{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreibeymvmipmltlfjamgmex2s7szdn2mo4vacutgyej4de4slcmbhyu",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mfdgtfdia7p2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreidp62palksxszx2wdvpq23uplfou5cf2h7azdotl3ybn7uckoig6i"
    },
    "mimeType": "image/webp",
    "size": 319098
  },
  "path": "/xworm-v5-6-targets-latam-via-fake-bank-receipts/",
  "publishedAt": "2026-02-20T19:39:37.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "XWorm v5.6 Targets LATAM via Fake Bank Receipts",
    "VPN Central"
  ],
  "textContent": "XWorm v5.6 malware spreads through fake Bradesco bank receipts targeting Brazilian and LATAM businesses. The campaign delivers a multi-stage RAT that steals credentials, hijacks browser sessions, and sets up ransomware staging. Researcher Moises Cerqueira uncovered the sophisticated infection chain. Attackers disguise droppers as PDFs using .pdf.js double extensions. Files inflate to 1.2MB with junk Unicode […]\n\nThe post XWorm v5.6 Targets LATAM via Fake Bank Receipts appeared first on VPN Central.",
  "title": "XWorm v5.6 Targets LATAM via Fake Bank Receipts"
}