A new malware family named WarmCookie, also known as BadSpace, has been actively distributed through malspam and malvertising campaigns since April 2024.
See: https://redskyalliance.org/xindustry/windows-backdoor-to-push-badspace
According to a blog post from Cisco Talos published on 23 October 2024, the malware facilitates persistent access to compromised networks. It has been observed as an initial payload, often leading to the deployment of additional malware such as CSharp-Streamer-RAT an
