{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreidfdk3hbxojhbxhgl4oabhvh65w3vqw2glr55syvsrp5m5abarfsa",
"uri": "at://did:plc:iir655mcoipvnewhnkv6fb3u/app.bsky.feed.post/3moik5eymby52"
},
"coverImage": {
"$type": "blob",
"ref": {
"$link": "bafkreif5z3vo2kyundug3ix42kfjsjnwwqdt56mvokd252ph75hwxu2cr4"
},
"mimeType": "image/png",
"size": 1009851
},
"path": "/italian-invoice-themed-phishing-campaign-delivers-upcrypter-and-neptunerat/",
"publishedAt": "2026-06-17T12:32:49.000Z",
"site": "https://www.d3lab.net",
"textContent": "\nItalian invoice-themed phishing campaign targeting users since February 2026. The infection chain abuses HTML attachments, fake download pages, JavaScript, PowerShell, and UpCrypter to deploy a final NeptuneRAT/MasonRAT payload.",
"title": "Italian Invoice-Themed Phishing Campaign Delivers UpCrypter and NeptuneRAT"
}