7 matches found
Fake Claude AI Installer Targets Windows Users with PlugX Malware
Fake Claude AI installer mimicking Anthropic spreads PlugX malware on Windows, using DLL sideloading to gain persistent remote access to infected systems...
CVE-2026-33156 DLL Sideloading in ScreenToGif
ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll . When the portable executable is run from a user-writable directory, it loads version.dll from the application directory instead of the Windows System32...
Hiding in Plain Sight: Multi-Actor ahost.exe Attacks
Hiding in Plain Sight: Deconstructing the Multi-Actor DLL Sideloading Campaign abusing ahost.exe By Mallikarjun Wali and Mohideen Abdul Khader · January 14, 2026 Executive summary The Trellix Advanced Research Center has uncovered an active malware campaign that exploits a DLL sideloading...
How we trained an ML model to detect DLL hijacking
DLL hijacking is a common technique in which attackers replace a library called by a legitimate process with a malicious one. It is used by both creators of mass-impact malware, like stealers and banking Trojans, and by APT and cybercrime groups behind targeted attacks. In recent years, the numbe...
New Ransomware Charon Uses Earth Baxia APT Techniques to Target Enterprises
We uncovered Charon, a new ransomware strainfamily that uses advanced APT-style techniques, including DLL sideloading, process injection, and anti-EDR capabilities, to target organizations with customized ransom demands...
PT-2021-19543 · Mcafee · Mcafee Agent For Windows
Name of the Vulnerable Software and Affected Versions: McAfee Agent for Windows versions prior to 5.7.4 Description: A DLL sideloading issue could allow a local user to perform a DLL sideloading attack with an unsigned DLL with a specific name and in a specific location. This would result in the...
Trend Micro Vulnerability Protection DLL Sideloading Vulnerability
Trend Micro Vulnerability Protection is an endpoint vulnerability protection product that provides one step faster and stronger endpoint protection. A DLL side-loading vulnerability exists in Trend Micro Vulnerability Protection 2.0. The vulnerability can be exploited by an attacker via the produ...