{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreigizxkvjzn3bgtcryrf7dr5rpol5rfeegp73nyhjfnmskevrelkem",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3movbvcc7b4h2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreihcbfpqo55oo7jmaepykpwih6gpnlxk26cdg6lxyfsgfi2qxeyy5a"
    },
    "mimeType": "image/jpeg",
    "size": 213814
  },
  "path": "/2026/06/new-oxloader-loader-uses-malicious.html",
  "publishedAt": "2026-06-22T13:20:12.000Z",
  "site": "https://thehackernews.com",
  "textContent": "Cybersecurity researchers have disclosed details of a new campaign that delivers CastleStealer by means of a previously unreported malware loader dubbed OXLOADER.\n\nAccording to Elastic Security Labs, the campaign leverages malicious Google Ads as a starting point to distribute the malware. Evidence indicates that the threat actor is likely Russian-speaking and financially motivated, owing to the",
  "title": "New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer"
}