{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreidfdk3hbxojhbxhgl4oabhvh65w3vqw2glr55syvsrp5m5abarfsa",
    "uri": "at://did:plc:iir655mcoipvnewhnkv6fb3u/app.bsky.feed.post/3moik5eymby52"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreif5z3vo2kyundug3ix42kfjsjnwwqdt56mvokd252ph75hwxu2cr4"
    },
    "mimeType": "image/png",
    "size": 1009851
  },
  "path": "/italian-invoice-themed-phishing-campaign-delivers-upcrypter-and-neptunerat/",
  "publishedAt": "2026-06-17T12:32:49.000Z",
  "site": "https://www.d3lab.net",
  "textContent": "\nItalian invoice-themed phishing campaign targeting users since February 2026. The infection chain abuses HTML attachments, fake download pages, JavaScript, PowerShell, and UpCrypter to deploy a final NeptuneRAT/MasonRAT payload.",
  "title": "Italian Invoice-Themed Phishing Campaign Delivers UpCrypter and NeptuneRAT"
}