T1608.001

Stage Capabilities: Upload Malware

discovered 2026-07-08

Quixo.7z payload staged as a GitHub release asset (tb78/expresso); malware committed to lure-repo source trees and releases.

View on MITRE ATT&CK

Seen in packages

Campaigns