Hackers Use Fake Cisco AnyConnect and Google Update Installers to Drop SharkLoader
VPN Central [Unofficial]
July 4, 2026
Security researchers have uncovered a campaign called StrikeShark that uses a custom malware loader named SharkLoader to deploy Cobalt Strike Beacon on compromised Windows systems. The campaign uses two main entry paths. Attackers exploit known vulnerabilities in internet-facing enterprise software and also distribute fake installers that pretend to be trusted tools such as Cisco AnyConnect […]
The post Hackers Use Fake Cisco AnyConnect and Google Update Installers to Drop SharkLoader appeared first on VPN Central.
Discussion in the ATmosphere