The living-off-the-land binary (LOLBin) is anchoring a rash of cyberattacks bent on evading security detection to drop Qbot and Lokibot.
https://threatpost.com/cybercriminals-windows-utility-regsvr32-malware/178333/
Say hello to what could be the next big spam player: SquirrelWaffle, which is spreading with increasing frequency via spam campaigns and infecting systems with a new malware loader.
https://threatpost.com/squirrelwaffle-loader-malspams-packing-qakbot-cobalt-strike/175775/