EncryptHub Exploits Windows Zero-Day Vulnerability to Deploy Malware

The cybercriminal group EncryptHub has exploited a recently patched vulnerability in Microsoft Windows as a zero-day to deploy various families of malware, including backdoors and information stealers like Rhadamanthys and StealC. In this attack, the malicious actors manipulate .msc files and the Multilingual User Interface Path (MUIPath) to download and execute malicious payloads.