The Cybereason Global Security Operations Center (GSOC) has reported on the LummaStealer malware’s advanced evasion techniques. The Russian-developed malware uses the Microsoft HTML Application Host to execute remote code disguised as an innocuous .mp4 file. LummaStealer also uses memory injection techniques to bypass the Antimalware Scan Interface (AMSI), and it relies on a fake CAPTCHA page to socially engineer users into triggering code execution.
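One way to hunt for the HTML Application Host behaviour described above, as an added example that is not taken from the Cybereason report: it scans process-creation events for mshta.exe started with a remote URL and raises the severity when the URL path carries a media extension such as .mp4. The event field names, the extension list and the sample events are constructed assumptions.

```python
import re
from urllib.parse import urlparse

# Assumed list: content types mshta.exe has no reason to fetch and run.
MEDIA_EXTS = (".mp4", ".mp3", ".avi", ".mkv", ".png", ".jpg", ".gif")
URL_RE = re.compile(r"https?://[^\s\"']+", re.IGNORECASE)

def classify(event):
    """Return 'high', 'medium' or None for one process-creation event."""
    # Normalise the image path and compare only the file name, case-insensitively.
    image = event["image"].replace("/", "\\").rsplit("\\", 1)[-1].lower()
    if image != "mshta.exe":
        return None
    urls = URL_RE.findall(event["command_line"])
    if not urls:
        return None  # local .hta file, not the remote-fetch pattern
    for url in urls:
        # Compare the path only, so "?id=7" or "#frag" cannot hide the extension.
        if urlparse(url).path.lower().endswith(MEDIA_EXTS):
            return "high"
    return "medium"  # remote content with a non-media extension

def triage(events):
    """Return (index, severity) for every event worth an analyst's attention."""
    return [(i, sev) for i, e in enumerate(events) if (sev := classify(e))]

# Constructed sample events (hypothetical field names, reserved .test domains).
SAMPLE_EVENTS = [
    {"image": r"C:\Windows\System32\mshta.exe",
     "command_line": r'"C:\Windows\System32\mshta.exe" https://media.example.test/intro.mp4?id=7'},
    {"image": r"C:\Windows\System32\mshta.exe",
     "command_line": r"mshta.exe C:\Tools\inventory.hta"},
    {"image": r"C:\Windows\System32\mshta.exe",
     "command_line": "mshta.exe http://intranet.example.test/app.hta"},
    {"image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": "powershell.exe -c Get-Item https://media.example.test/intro.mp4"},
]

if __name__ == "__main__":
    for idx, sev in triage(SAMPLE_EVENTS):
        print(sev, SAMPLE_EVENTS[idx]["command_line"])
```
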


