“Waiting Thread Hijacking” (WTH) is a newly identified malware technique that stealthily exploits waiting threads in Windows, allowing malicious code injection without triggering security alerts. By manipulating dormant threads and replacing their return addresses with malicious pointers, attackers can execute harmful code while evading detection by modern cybersecurity solutions. Check Point has developed protections against this sophisticated threat.

LummaStealer Exploits Windows Utility to Run Remote Code Disguised as .mp4 File
The Cybereason Global Security Operations Center (GSOC) has reported on the LummaStealer malware’s advanced evasion techniques. The Russian-developed malware uses the Microsoft HTML Application Host