{"id":133906,"date":"2025-11-20T13:35:19","date_gmt":"2025-11-20T13:35:19","guid":{"rendered":"https:\/\/cybersecuritynews.com\/?p=133906"},"modified":"2025-11-20T13:35:25","modified_gmt":"2025-11-20T13:35:25","slug":"tamperedchef-hacking-campaign-leverages-common-apps","status":"publish","type":"post","link":"https:\/\/cybersecuritynews.com\/tamperedchef-hacking-campaign-leverages-common-apps\/","title":{"rendered":"TamperedChef Hacking Campaign Leverages Common Apps to Deliver Payloads and Gain Remote Access"},"content":{"rendered":"\n<p>A new global hacking campaign tracked as TamperedChef has emerged, exploiting everyday software names to trick users into installing malicious applications that deliver remote access tools.<\/p>\n\n\n\n<p>The campaign uses fake installers disguised as common programs like manual readers, PDF editors, and games, all equipped with valid code-signing certificates to appear legitimate.<\/p>\n\n\n\n<p>These applications are distributed through malvertising and search engine optimization techniques, making them easily discoverable by unsuspecting users searching for everyday tools or product manuals online.<\/p>\n\n\n\n<p>The attackers behind TamperedChef have built an industrial-scale operation using a network of U.S.-registered shell companies to acquire Extended Validation certificates.<\/p>\n\n\n\n<p>These disposable fronts allow the threat actors to sign their <a href=\"https:\/\/cybersecuritynews.com\/beware-of-fake-online-speedtest-application\/\" target=\"_blank\" rel=\"noreferrer noopener\">fake applications<\/a> with trusted certificates, which helps them bypass security defenses and gain user trust.<\/p>\n\n\n\n<p>Once a certificate is flagged or revoked, operators quickly register new shell companies under generic names like &#8220;Digital Marketing&#8221; to maintain continuous operations and keep their malicious software appearing legitimate.<\/p>\n\n\n\n<p>Acronis security researchers <a 
href=\"https:\/\/www.acronis.com\/en\/tru\/posts\/cooking-up-trouble-how-tamperedchef-uses-signed-apps-to-deliver-stealthy-payloads\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">identified<\/a> the campaign in June 2025, though evidence suggests earlier activity. The operation primarily affects victims in the Americas, with roughly 80 percent concentrated in the United States, though the global infrastructure indicates a broad reach rather than targeted regional focus.<\/p>\n\n\n\n<p>Healthcare, construction, and manufacturing sectors show the highest concentration of infections, likely because users in these industries frequently search online for specialized equipment manuals, one of the behaviors TamperedChef exploits.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgSywbXF9eadjOY-EiN_e66wIBRddudLM8v-JFwLdn-l-HUdQii-m816DFVH2CoSLYnNaTurzmwy3BH2DqRYz57H5sbCOmcGaqrJqlBTzQamWO3j3YOb0QIiaJMkWwLC8__GCi2BVyS8_wWwMXQXYjO62Dm-AmJJ6sE3052FOwh8yIjy5PUojohrEgDjGk\/s16000\/Bing%20search%20results%20leading%20to%20a%20TamperedChef-controlled%20download%20site%20(Source%20-%20Acronis).webp\" alt=\"Bing search results leading to a TamperedChef-controlled download site (Source - Acronis)\" \/><figcaption class=\"wp-element-caption\">Bing search results leading to a TamperedChef-controlled download site (Source &#8211; Acronis)<\/figcaption><\/figure><\/div>\n\n\n<p>The malware&#8217;s attack chain begins when users download fake applications from malicious websites that appear in search results or advertisements.<\/p>\n\n\n\n<p>After installation, these applications drop an XML configuration file used to create a scheduled task for persistence. 
This task executes a heavily obfuscated <a href=\"https:\/\/cybersecuritynews.com\/hackers-attacking-mobile-users-leveraging-pwa-javascript\/\" target=\"_blank\" rel=\"noreferrer noopener\">JavaScript<\/a> payload that functions as a backdoor, establishing communication with command-and-control servers over HTTPS.<\/p>\n\n\n\n<p>The JavaScript payload encrypts data using XOR encryption with a random 16-byte key before encoding it with base64 for transmission.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-infection-chain-and-persistence-mechanism\"><strong>Infection Chain and Persistence Mechanism<\/strong><\/h2>\n\n\n\n<p>The TamperedChef infection process follows a multi-stage execution chain designed to evade detection while maintaining persistent access.<\/p>\n\n\n\n<p>When users execute the downloaded installer, they encounter a standard license agreement window that mimics legitimate software installation.<\/p>\n\n\n\n<p>During installation, the malware places a file named &#8220;task.xml&#8221; either in the installer&#8217;s temporary directory or the program installation directory at <code>%APPDATA%\\Programs\\[Fake Application Name]<\/code>.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgIZTogED-5P_aaSohbahgNs43o6TBxesXq5Taw2DssUndd68SgL8Xsc7CBfYrgybHorR5Sf9MWifCMeuvWRZRRN0YX2HsBiXb1iFkuqtNPwoTPXNGwUxy9W90C5VKGnKhKr65h6Rsn26191yTbLbGjPbsrIXQhvZCjVDZBfPI4MFA-j66J7BAfUptNyZ0\/s16000\/Execution%20chain%20(Source%20-%20Acronis).webp\" alt=\"Execution chain (Source - Acronis)\" \/><figcaption class=\"wp-element-caption\">Execution chain (Source &#8211; Acronis)<\/figcaption><\/figure><\/div>\n\n\n<p>This XML file serves as the configuration for creating a scheduled task using the command: <code>schtasks \/Create \/tn \"Scheduled Daily Task\" \/xml 
\"%APPDATA%\\Local\\Programs\\AnyProductManual\\task.xml\"<\/code>.<\/p>\n\n\n\n<p>The task executes immediately after creation and repeats every 24 hours with a random delay of up to 30 minutes.<\/p>\n\n\n\n<p>This configuration allows extended runtimes, blocks multiple simultaneous instances, and automatically runs any missed schedules, ensuring the JavaScript payload executes consistently without raising suspicion.<\/p>\n\n\n\n<p>The JavaScript payload itself is heavily <a href=\"https:\/\/cybersecuritynews.com\/researchers-obfuscated-weaponized-net-assemblies\/\" target=\"_blank\" rel=\"noreferrer noopener\">obfuscated<\/a> using tools from obfuscator.io, applying multiple techniques including string and function renaming, control flow flattening, and dead code injection.<\/p>\n\n\n\n<p>Once executed, the malware establishes communication with hard-coded command-and-control servers that evolved from random domain-generated strings to more recognizable domain names to blend with normal network traffic.<\/p>\n\n\n\n<p>The payload generates a machine ID to fingerprint devices and performs registry operations for system reconnaissance.<\/p>\n\n\n\n<p>The malware sends encrypted JSON objects containing event names, session IDs, machine IDs, and metadata to the C2 server. 
It also possesses remote <a href=\"https:\/\/cybersecuritynews.com\/monsta-ftp-remote-code-vulnerability\/\" target=\"_blank\" rel=\"noreferrer noopener\">code execution<\/a> capabilities, allowing attackers to run commands on compromised systems.<\/p>\n\n\n\n<p>The campaign&#8217;s infrastructure relies on NameCheap for domain registration with one-year registration periods and domain privacy protection to hide ownership, enabling quick infrastructure rebuilding following takedowns.<\/p>\n\n\n\n<p>Recent discoveries show the operation continues expanding with new shell company signers including Stratus Core Digital LLC, DataX Engine LLC, and Nova Sphere Systems LLC, all following identical attack patterns.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A new global hacking campaign tracked as TamperedChef has emerged, exploiting everyday software names to trick users into installing malicious applications that deliver remote access tools.
The campaign uses fake installers disguised as common programs like manual readers, PDF editors, and games, all equipped with valid code-signing certificates to appear legitimate. These applications are distributed [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":133925,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEj_WHn7hdXDu7tx_TSQuv5C6F4N_huF1tvTfbaq3ZWTsy9IDvh1BK-yGCLDMhvS5PRydcFMa4XjbVH5_TJHsBORxtpD3fCXvORfOXZR0f2PmsNJhrvYaTVk4058dkCcm4YRfaxy5xBNPM2jMSZQzVfV2UqVIbFcJiheeMRJo1sQ0atkSjJps5mca2w8hfU\/s16000\/TamperedChef%20Hacking%20Campaign%20Leverages%20Common%20Apps%20to%20Deliver%20Payloads%20and%20Gain%20Remote%20Access.webp","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[11,48],"tags":[149,151],"class_list":{"0":"post-133906","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cyber-security-news","8":"category-threats","9":"tag-cyber-security","10":"tag-cyber-security-news"},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v25.7.1 (Yoast SEO v25.7) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>TamperedChef Hacking Campaign Leverages Common Apps to Deliver Payloads and Gain Remote Access<\/title>\n<meta name=\"description\" content=\"TamperedChef uses fake installers with valid certs and malvertising to spread RATs, supported by U.S.-based shell firms.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cybersecuritynews.com\/tamperedchef-hacking-campaign-leverages-common-apps\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"TamperedChef 
Hacking Campaign Leverages Common Apps to Deliver Payloads and Gain Remote Access\" \/>\n<meta property=\"og:description\" content=\"TamperedChef uses fake installers with valid certs and malvertising to spread RATs, supported by U.S.-based shell firms.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cybersecuritynews.com\/tamperedchef-hacking-campaign-leverages-common-apps\/\" \/>\n<meta property=\"og:site_name\" content=\"Cyber Security News\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Hackingtutorialsandnews\" \/>\n<meta property=\"article:published_time\" content=\"2025-11-20T13:35:19+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-11-20T13:35:25+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEj_WHn7hdXDu7tx_TSQuv5C6F4N_huF1tvTfbaq3ZWTsy9IDvh1BK-yGCLDMhvS5PRydcFMa4XjbVH5_TJHsBORxtpD3fCXvORfOXZR0f2PmsNJhrvYaTVk4058dkCcm4YRfaxy5xBNPM2jMSZQzVfV2UqVIbFcJiheeMRJo1sQ0atkSjJps5mca2w8hfU\/s16000\/TamperedChef%20Hacking%20Campaign%20Leverages%20Common%20Apps%20to%20Deliver%20Payloads%20and%20Gain%20Remote%20Access.webp\" \/><meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEj_WHn7hdXDu7tx_TSQuv5C6F4N_huF1tvTfbaq3ZWTsy9IDvh1BK-yGCLDMhvS5PRydcFMa4XjbVH5_TJHsBORxtpD3fCXvORfOXZR0f2PmsNJhrvYaTVk4058dkCcm4YRfaxy5xBNPM2jMSZQzVfV2UqVIbFcJiheeMRJo1sQ0atkSjJps5mca2w8hfU\/s16000\/TamperedChef%20Hacking%20Campaign%20Leverages%20Common%20Apps%20to%20Deliver%20Payloads%20and%20Gain%20Remote%20Access.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1600\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Tushar Subhra Dutta\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" 
content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEj_WHn7hdXDu7tx_TSQuv5C6F4N_huF1tvTfbaq3ZWTsy9IDvh1BK-yGCLDMhvS5PRydcFMa4XjbVH5_TJHsBORxtpD3fCXvORfOXZR0f2PmsNJhrvYaTVk4058dkCcm4YRfaxy5xBNPM2jMSZQzVfV2UqVIbFcJiheeMRJo1sQ0atkSjJps5mca2w8hfU\/s16000\/TamperedChef%20Hacking%20Campaign%20Leverages%20Common%20Apps%20to%20Deliver%20Payloads%20and%20Gain%20Remote%20Access.webp\" \/>\n<meta name=\"twitter:creator\" content=\"@The_Cyber_News\" \/>\n<meta name=\"twitter:site\" content=\"@The_Cyber_News\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Tushar Subhra Dutta\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"TamperedChef Hacking Campaign Leverages Common Apps to Deliver Payloads and Gain Remote Access","description":"TamperedChef uses fake installers with valid certs and malvertising to spread RATs, supported by U.S.-based shell firms.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cybersecuritynews.com\/tamperedchef-hacking-campaign-leverages-common-apps\/","og_locale":"en_US","og_type":"article","og_title":"TamperedChef Hacking Campaign Leverages Common Apps to Deliver Payloads and Gain Remote Access","og_description":"TamperedChef uses fake installers with valid certs and malvertising to spread RATs, supported by U.S.-based shell firms.","og_url":"https:\/\/cybersecuritynews.com\/tamperedchef-hacking-campaign-leverages-common-apps\/","og_site_name":"Cyber Security 
News"}}