Trustwave SpiderLabs researchers have uncovered a sophisticated EncryptHub campaign that ingeniously abuses the Brave Support platform to deliver malicious payloads, leveraging the recently disclosed CVE-2025-26633 vulnerability in Microsoft Management Console (MMC).
Dubbed MSC EvilTwin, this flaw enables attackers to execute arbitrary code via manipulated .msc files, allowing EncryptHub also known as LARVA-208 or Water Gamayun to infiltrate systems through a blend of social engineering and technical exploitation.
https://gbhackers.com/encrypthub-turns- ... a-dropper/