The Hacker News

Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading

Storm-0249 now employs ClickFix, fileless PowerShell, and DLL sideloading to gain stealthy access that enables ransomware ...
Computer Weekly

NCSC warns of confusion over true nature of AI prompt injection

Malicious prompt injections to manipulate generative artificial intelligence (GenAI) large language models (LLMs) are being ...

Ransomware IAB abuses EDR for stealthy malware execution

An initial access broker tracked as Storm-0249 is abusing endpoint detection and response solutions and trusted Microsoft ...

Ransomware gangs turn to Shanya EXE packer to hide EDR killers

Several ransomware groups have been spotted using a packer-as-a-service (PaaS) platform named Shanya to assist in EDR ...
Infosecurity Magazine

ClickFix Social Engineering Sparks Rise of CastleLoader Attacks

A new malware campaign has been identified using a Python-based delivery system to deploy CastleLoader malware ...
GitHub

COM-based DLL Surrogate Injection

This paper analyzes a sophisticated injection technique that leverages the Component Object Model (COM) and DLL Surrogate processes for stealthy code execution. Unlike traditional COM hijacking ...