RomCom Uses SocGholish Fake Update Attacks to Deliver Mythic Agent Malware

The Hacker News
Actively Exploited

Summary

The RomCom malware has been distributed through SocGholish, a JavaScript loader, in an attack on a U.S.-based civil engineering company to deliver the Mythic Agent. This is the first instance of RomCom being deployed via SocGholish, a significant development in threat actor tactics.

Impact

U.S.-based civil engineering company

In the Wild

Yes

Timeline

Newly disclosed

Remediation

Not specified