Cyber Intelligence

GhostTree Attack Abused Recursive Windows Junctions to Hide Malware

Medium Severity Global
Date Occurred Jun 16, 2026 14:17 UTC
Event Type Cyber Intelligence
Source BleepingComputer
Recorded Jun 16, 2026
Full Description

GhostTree uses recursive NTFS junctions to generate vast numbers of valid Windows file paths. Varonis explains how the technique could cause Microsoft Defender folder scans to never complete, leaving

Original Source
https://www.bleepingcomputer.com/news/security/ghosttree-attack-abused-recursive-windows-junctions-to-hide-malware/
Event Metadata
  • ID #8961
  • Type Cyber Intelligence
  • Region Global
  • Severity Medium
  • Indexed Jun 16, 2026
Quick Actions
Back to Events View on Globe Read Original Article

Related Events

UK to require ID or face scan before you can make social media accounts
Jun 16, 2026 Medium Ukraine
FTC warns of record $3.5 billion losses to imposter scams in 2025
Jun 16, 2026 Medium
New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds
Jun 16, 2026 Medium
Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive
Jun 16, 2026 Medium
CISA warns of another cPanel plugin flaw exploited in attacks
Jun 16, 2026 Medium
Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
Jun 16, 2026 Medium