Deno Runtime-Based Loader — LeakNet Ransomware Indicator

Detects execution of the Deno runtime on corporate endpoints, a technique adopted by the LeakNet ransomware group as a malicious loader after initial access via ClickFix — a legitimate JavaScript runtime rarely present in enterprise environments