Tag
Threat actors are abusing Microsoft's ClickOnce technology, a legitimate application deployment mechanism, to spread malware by leveraging its user-friendly installation process that bypasses traditional security controls and administrative privileges, facilitating initial access and execution on Windows endpoints.