{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreiatinpmawkcs66cffx4ir23kdd5tew263bqqmrvr2awrmnj7vyeue",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mj5ya4cbqf62"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreidl2gg2fktgygwjei462eddgpcpmh2khlvzyiq2zwjimm6qhk3h4u"
    },
    "mimeType": "image/webp",
    "size": 16502
  },
  "path": "/desckvb-rat-uses-obfuscated-javascript-and-a-fileless-net-loader-to-evade-detection/",
  "publishedAt": "2026-04-10T14:07:59.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "DesckVB RAT uses obfuscated JavaScript and a fileless .NET loader to evade detection",
    "VPN Central"
  ],
  "textContent": "DesckVB RAT is a remote access trojan that uses layered scripting, fileless loading, and process injection to avoid many traditional defenses. Point Wild’s LAT61 team says the malware starts with an obfuscated JavaScript file, drops a PowerShell stage, and then loads .NET components directly into memory instead of relying on obvious files on disk. The […]\n\nThe post DesckVB RAT uses obfuscated JavaScript and a fileless .NET loader to evade detection appeared first on VPN Central.",
  "title": "DesckVB RAT uses obfuscated JavaScript and a fileless .NET loader to evade detection"
}