diff --git a/emmenhtal/readme.md b/emmenhtal/readme.md index c6aafc4..239198f 100644 --- a/emmenhtal/readme.md +++ b/emmenhtal/readme.md @@ -2,6 +2,7 @@ Emmenhtal is a malicious loader likely distributed since early 2024, and first p Emmenhtal is an obfuscated multistage payload that spawns an execution of the LOLBIN mshta.exe to read a first HTA stage that embeds a malicious JavaScript code. Once interpreted and executed, the JavaScript decodes and runs a PowerShell script. The latter decrypts an obfuscated PowerShell loader which finally downloads and runs final-stage stealers and commodity RATs. Blogpost URL: https://www.orangecyberdefense.com/no/blog/cert-news/emmenhtal-a-little-known-loader-distributing-commodity-infostealers-worldwide + World Watch advisory (for our clients): https://portal.cert.orangecyberdefense.com/worldwatch/advisory/1778 As of March 2025, our CERT has identified three versions of the loader, all actively distributed.
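Review bot: the added line in the `@@ -2,6 +2,7 @@` hunk appears to carry a leading space after the `+` (`+ World Watch advisory ...`), which will indent that line in the rendered readme and make it inconsistent with the `Blogpost URL:` line immediately above it; drop the space so both links sit at the same level. Since the advisory lives on a client portal (the text itself says "for our clients"), readers without an account will hit a login wall when following it, so consider stating that explicitly in the label, e.g. `World Watch advisory (client portal, login required): https://portal.cert.orangecyberdefense.com/worldwatch/advisory/1778`, and keeping the public blogpost as the primary reference for the loader description.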