Process Hollowing Archives - CybserSecurity News

March 14, 2026

The Invisible Thread: Inside the Multi-Stage Python Injection Powering VioletRAT

Security vanguards at SonicWall have unmasked a nascent campaign disseminating the VioletRAT malware. This offensive orchestrates a multi-tiered delivery sequence and a sophisticated Python-based code injection paradigm. The adversaries employ several stages of clandestine...

Malware

March 3, 2026

Encrypted Deception: Cisco Talos Unmasks “Dohdoor” and the Stealthy UAT-10027 Campaign Targeting Healthcare

Since the twilight of 2025, Cisco Talos has been vigilantly tracking a malicious campaign directed against educational and healthcare institutions within the United States. Researchers attribute this coordinated activity to the threat actor UAT-10027...

Malware

February 5, 2026

The “Phantom” Resurrection: How Intrinsec Unmasked the Mandark-Powered Malware Loader Evading Global Defense

Analysts at Intrinsec have documented a surge in offensives leveraging the PhantomVAI loader, a utility architected upon the legacy RunPE framework and deployed in global cyber incursions. This instrument has surfaced concurrently across several...

Open Source Tool

September 22, 2025

MissionEvasion: The New Windows Tool That Evades Detection

MissionEvasion is a sophisticated Windows process injection tool that implements multiple evasion techniques, including registry-based file hiding, process hollowing, and process overwriting. The tool supports both x64 and x86 architectures and provides a flexible...

Malware

July 31, 2025

Raven Stealer Unmasked: New MaaS Infostealer Plunders Data via Reflective Process Hollowing & Telegram Exfil

Amid a surge in malicious campaigns exploiting legitimate communication channels to evade traditional security measures, a new tool has drawn the attention of cybersecurity professionals—Raven Stealer. Emerging in July 2025, this information-stealing program has...

Open Source Tool

June 25, 2025

Hollowise: New Windows Tool Enables Stealthy Code Execution via Process Hollowing & PPID Spoofing

Hollowise is a Windows-based tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques. It allows for stealth execution of debuggers and code and network analizers by replacing the memory of a suspended process (e.g. calc.exe) with...

Malware

May 9, 2024

HijackLoader Reloaded: Malware Evolves for Stealth

Recently, cybersecurity experts have detected a new version of HijackLoader malware, now featuring enhanced methods to thwart analysis. This upgrade enables the malware to remain undetected within compromised networks for extended periods. Researchers at...

Malware

March 16, 2024

Ransomware Alert: StopCrypt Upgrade Bypasses Defenses

Security researchers have unveiled a new variant of the ransomware StopCrypt, also known as STOP. This iteration employs a complex, multistage execution process using shell codes to circumvent security tools, rendering the malware particularly...

Tagged: Process Hollowing

The Invisible Thread: Inside the Multi-Stage Python Injection Powering VioletRAT

Encrypted Deception: Cisco Talos Unmasks “Dohdoor” and the Stealthy UAT-10027 Campaign Targeting Healthcare

The “Phantom” Resurrection: How Intrinsec Unmasked the Mandark-Powered Malware Loader Evading Global Defense

MissionEvasion: The New Windows Tool That Evades Detection

Raven Stealer Unmasked: New MaaS Infostealer Plunders Data via Reflective Process Hollowing & Telegram Exfil

Hollowise: New Windows Tool Enables Stealthy Code Execution via Process Hollowing & PPID Spoofing

HijackLoader Reloaded: Malware Evolves for Stealth

Ransomware Alert: StopCrypt Upgrade Bypasses Defenses

Recent Posts