Activity of Rugmi malware loader spikes

Various threat operations like Sangria Tempest or FIN7, and others, have used Microsoft’s ‘ms-appinstaller protocol’ to speed up Windows app installation and spread malware. As a result, the protocol has been deactivated, according to cybersecurity news site, The Record.