A new loader has been identified leveraging the Pascal scripting engine in Inno Setup. It is used to distribute infostealers such as LummaC2, DeerStealer, Rhadamanthys, and StealC. Typically spread via fake application websites, the loader features anti-VM capabilities, XOR-based string encryption, and retrieves payloads from TinyURL using an authentication token....