TrueConf Zero-Day Exploited in Asian Government Attacks A Chinese threat actor exploited a zero-day in TrueConf's update mechanism (CVE-2026-3502) to distribute a malicious update from a compromised on-premises server in attacks against government entities in Asia. The trojanized installer used DLL sideloading to deploy an implant for reconnaissance, persistence and C2 communications, and TrueConf released version 8.5.3 while...

A Chinese threat actor exploited CVE-2026-3502 in TrueConf’s update mechanism, distributing a malicious DLL-sideloaded update from a compromised server targeting Asian government entities. #TrueConf #DLLSideloading #China

Storm-0249 Escalates Ransomware Attacks with ClickFix Fileless PowerShell and DLL Sideloading using tax-related themes read more about Storm-0249 Escalates Ransomware Attacks with ClickFix Fileless PowerShell and DLL Sideloading

Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading reconbee.com/storm-0249-e...

#storm0249 #ransomwareattack #clickfix #PowerShell #DLLsideloading #cyberattack

ValleyRAT Targets Job Seekers via Foxit Reader

~Trendmicro~
A campaign targets job seekers with email lures, using a weaponized Foxit PDF Reader for DLL side-loading to deploy ValleyRAT.
-
IOCs: 196. 251. 86. 145, 51. 79. 214. 125, 154. 90. 58. 164
-
#DLLSideloading #ThreatIntel #ValleyRAT

Cybercriminals exploit OneDrive.exe via DLL sideloading to execute malicious code undetected. Learn how to protect your systems from this sophisticated attack. #CyberSecurity #DLLSideloading #OneDrive Link: thedailytechfeed.com/cybercrimina...

EggStreme Malware: Unpacking a New APT Framework Targeting a Philippine Military Company I'd like to thank my coauthors, Victor Vrabie, Adrian Schipor, and Martin Zugec, for their invaluable contributions to this research.

'EggStreme Malware: Unpacking a New APT Framework Targeting a Philippine Military Company'

www.bitdefender.com/en-gb/blog/b...

#CyberSecurity #APT #Fileless #DLLSideloading #Keylogger

Apt29 rilancia le campagne phishing su diplomatici europei con Grapeloader e Wineloader usando side-loading e shellcode evasivi

#apt29 #CozyBear #cyberspionaggio #DLLsideloading #grapeloader #guerracibernetica #malwaremodulare #phishingdiplomatico #rc4
www.matricedigitale.it/sicurezza-in...

Resolverrat colpisce sanità e farmaceutica con phishing localizzati e caricamento in memoria tramite dll e framework .net

#accessoremoto #DLLsideloading #evasione #malware #PHISHING #resolverrat #sanità #sideloading
www.matricedigitale.it/sicurezza-in...

ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading ResolverRAT targets healthcare and pharma via localized phishing; uses advanced stealth tactics to ensure persistence and evade detection.

ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading
thehackernews.com/2025/04/reso...

#Infosec #Security #Cybersecurity #CeptBiro #ResolverRATCampaign #Healthcare #Pharma #Phishing #DLLSideLoading

Cisco Talos scopre un’operazione persistente con file di collegamento malevoli, PowerShell offuscati e DLL sideloading per infettare con Remcos

#apt #backdoor #c2 #DLLsideloading #Gamaredon #guerracibernetica #lnk #malware #PHISHING #Powershell #Remcos #talo
www.matricedigitale.it/sicurezza-in...

Cisco Talos scopre un’operazione persistente con file di collegamento malevoli, PowerShell offuscati e DLL sideloading per infettare con Remcos

#apt #backdoor #c2 #DLLsideloading #Gamaredon #guerracibernetica #lnk #malware #PHISHING #Powershell #Remcos #talo
www.matricedigitale.it/sicurezza-in...

Cisco Talos scopre un’operazione persistente con file di collegamento malevoli, PowerShell offuscati e DLL sideloading per infettare con Remcos

#apt #backdoor #c2 #DLLsideloading #Gamaredon #guerracibernetica #lnk #malware #PHISHING #Powershell #Remcos #talo
www.matricedigitale.it/sicurezza-in...

QWCrypt è il ransomware usato da RedCurl per attacchi mirati su hypervisor: un’operazione tecnica e silenziosa, con alta personalizzazione.

#crittografiamirata #DLLsideloading #livingofftheland #phishingIMG #QWCrypt #ransomwarehypervisor #RedCurl
www.matricedigitale.it/sicurezza-in...

QWCrypt è il ransomware usato da RedCurl per attacchi mirati su hypervisor: un’operazione tecnica e silenziosa, con alta personalizzazione.

#crittografiamirata #DLLsideloading #livingofftheland #phishingIMG #QWCrypt #ransomwarehypervisor #RedCurl
www.matricedigitale.it/sicurezza-in...

QWCrypt è il ransomware usato da RedCurl per attacchi mirati su hypervisor: un’operazione tecnica e silenziosa, con alta personalizzazione.

#crittografiamirata #DLLsideloading #livingofftheland #phishingIMG #QWCrypt #ransomwarehypervisor #RedCurl
www.matricedigitale.it/sicurezza-in...

🚨 Malware Alert: Yokai Backdoor Campaign Hits Thai Officials with DLL Side-Loading! 🚨 🔥 Yokai Backdoor Targets Thai Officials 🔥 A recently discovered Yokai Backdoor Campaign is targeting Thai government officials, leveraging DLL Side-Loading Techniques to infiltrate and compromise syst...

🚨 Malware Alert: Yokai Backdoor Campaign Hits Thai Officials with DLL Side-Loading! 🚨 #Follow
www.linkedin.com/pulse/malwar...

#CyberSecurity 🛡️ #YokaiBackdoor 📡 #DLLSideLoading 🔥 #CyberThreat 🚨 #MalwareAttack 💣 #ThaiOfficials 🎯 #CyberEspionage 🕵️‍♂️ #InfoSec 🛠️ #PenTest 🔐 #CyberAttack ⚔️ #ThreatHunt

Unit42-timely-threat-intel/2024-09-19-IOCs-for-file-downloader-to-Lumma-Stealer.txt at main · PaloAltoNetworks/Unit42-timely-threat-intel A collection of files with indicators supporting social media posts from Palo Alto Network's Unit 42 team to disseminate timely threat intelligence. - PaloAltoNetworks/Unit42-timely-threat-intel

2024-09-19 (Thurs): As early as 2024-09-10, this infection chain abuses steamerrorreporter64.exe to side-load vstdlib_s64.dll as a downloader to retrieve & run #LummaStealer. Details at bit.ly/3zrV0yY
#DllSideLoading #Lumma #TimelyThreatIntel #Unit42ThreatIntel

Ransomware Disguised as a Game: Kransom’s Attack Through DLL Side-Loading Follow us on Twitter (X) @Hackread - Facebook @ /Hackread

Ransomware Disguised as a Game: Kransom’s Attack Through DLL Side-Loading
hackread.com/ransomware-d...
#Infosec #Security #Cybersecurity #CeptBiro #Ransomware #DisguisedAsAgame #KransomAttack #DLLSideLoading

The Rise of Malicious Packages in DevOps - SOCRadar® Cyber Intelligence Inc. July 21, 2023: On July 18, 2023, GitHub identified a social engineering campaign that targets the personal accounts of employees of technology firms,

Researchers discovered two open-source #PyPI packages, NP6HelperHttptest and NP6HelperHttper, leveraged by threat actors to infiltrate systems via #DLLsideloading, evading detection tools and raising #supplychain concerns.

New Malicious PyPI Packages Use DLL Sideloading In A Supply Chain Attack Researchers have discovered that threat actors have been using open-source platforms and codes for several purposes, such as hosting C2 infrastructure, storing stolen data, and delivering second and t...

New Malicious PyPI Packages Use DLL Sideloading In A Supply Chain Attack
gbhackers.com/malicious-py...
#Infosec #Security #Cybersecurity #CeptBiro #PyPIPackages #DLLSideloading #SupplyChainAttack