<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"><channel><title>OIS Threat Research (English)</title><description>Public research from OIS Threat Research, Open Information Security Inc.</description><link>https://oisthreat.com/</link><language>en</language><item><title>Inside Silver Fox, Part 1: Payload Landing — the Invisible Loader Chain of Inno Setup and Pascal</title><link>https://oisthreat.com/en/research/silverfox-part1-inno-setup-loader/</link><guid isPermaLink="true">https://oisthreat.com/en/research/silverfox-part1-inno-setup-loader/</guid><description>Silver Fox APT wraps a malicious Pascal script inside an Inno Setup installer that performs environment reconnaissance, adds the entire C: drive to the Defender exclusion list, disables network adapters to block reporting, and then decrypts and drops the next-stage loader men.exe — this report reconstructs the landing stage of that seemingly normal installer.</description><pubDate>Wed, 11 Feb 2026 00:00:00 GMT</pubDate></item></channel></rss>