The cybersecurity firm Sophos has discovered a new malware campaign named Nitrogen, where threat actors are utilizing Google ads and Bing ads to spread malware to targeted users. The attackers advertise popular tools like AnyDesk, WinSCP, TreeSize Free, and Cisco AnyConnect VPN through these ads. However, when users click on the ads, instead of being redirected to the official websites of these tools, they are sent to compromised WordPress websites or landing pages specifically designed for this campaign. On these compromised pages, users are offered to download installers, usually in the form of .ISO files.