The Hacker News

@thehackernews

06.04.2026 15:10

�� Qilin and Warlock #ransomware are disabling defenses before attacks using BYOVD techniques.

Qilin uses a side-loaded DLL to kill 300+ EDR drivers via vulnerable kernel drivers. Warlock exploits SharePoint and uses similar drivers to bypass kernel-level security, often delaying ransomware execution.

�� Find the technique disabling EDR tools → https://thehackernews.com/2026/04/qilin-and-warlock-ransomware-use.html

🤯 7

👏 5

🔥 3

25 6.2K

Обсуждение 0

Обсуждение не доступно в веб-версии. Чтобы написать комментарий, перейдите в приложение Telegram.

Обсудить в Telegram

The Hacker News

@thehackernews

162.3K

⭐ Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking.

📨 Contact: admin@thehackernews.com

🌐 Website: https://thehackernews.com

Все посты канала

Открыть в Telegram

Обсуждение 0

The Hacker News

Вход в экосистему

Ваши настройки cookie