A sophisticated threat actor, TAG-150, active since at least March 2025. Characterized by rapid malware development, technical sophistication, and a sprawling multi-tiered infrastructure, TAG-150 has deployed several self-developed families—CastleLoader, CastleBot, and most recently CastleRAT—targeting organizations via phishing campaigns and fraudulent repositories. TAG-150 first surfaced with CastleLoader, a loader that delivers a diverse set of follow-on […]The post TAG-150 Hackers Escalate Attacks with Proprietary Malware Families appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.