Executive Summary On 19 August 2025, the Arctic Wolf® Cybersecurity Operations Center (cSOC) uncovered and remediated a sophisticated delivery chain: a threat actor leveraged GitHub’s repository structure together with paid placements on Google Ads to funnel users toward a malicious download hosted on a lookalike domain. By embedding a commit‑specific link in the advertisement, the attackers ... GPUGate Malware: Malicious GitHub Desktop Implants Use Hardware-Specific Decryption, Abuse...
