CSO Online

FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses

Researchers say the campaign uses a browser-based JavaScript VM to hide credential theft and intercept MFA at scale.
InfoWorld

Malware no longer avoiding virtual machines

Symantec finds most malware these days doesn't quit on VMs, which used to be a tactic to avoid security checks Many malicious software programs used to make a quick exit on virtual machines, a tactic ...