{"id":11199,"date":"2026-03-08T10:03:43","date_gmt":"2026-03-08T10:03:43","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/03\/08\/termite-ransomware-breaches-linked-to-clickfix-castlerat-attacks\/"},"modified":"2026-03-08T10:03:43","modified_gmt":"2026-03-08T10:03:43","slug":"termite-ransomware-breaches-linked-to-clickfix-castlerat-attacks","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/03\/08\/termite-ransomware-breaches-linked-to-clickfix-castlerat-attacks\/","title":{"rendered":"Termite ransomware breaches linked to ClickFix CastleRAT attacks"},"content":{"rendered":"<p>    Termite ransomware breaches linked to ClickFix CastleRAT attacks<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor. [&#8230;]<\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><br \/>\n    Bill Toulas<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/termite-ransomware-breaches-linked-to-clickfix-castlerat-attacks\/\">Go to bleepingcomputer<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Termite ransomware breaches linked to ClickFix CastleRAT attacks Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor. [&#8230;] Bill Toulas Go to bleepingcomputer<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[64,133],"tags":[80],"class_list":["post-11199","post","type-post","status-publish","format-standard","hentry","category-bleepingcomputer","category-security","tag-bleepingcomputer"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/11199"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=11199"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/11199\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=11199"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=11199"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=11199"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}