Few days ago, the CERT-Yoroi bulletin N061118 disclosed a dangerous campaign attacking several Italian users. The attack wave contained some interesting techniques need to look into further, especially regarding the obfuscation used to hide the malicious dropping infrastructure.

https://blog.yoroi.company/research/dissecting-the-mindscrew-powershell-obfuscation/