TGTGInsighttelegram intelligenceLIVE / telegram public index
← The Hacker News
View original
The Hacker News avatar

TGINSIGHT POST

Post #8208

@thehackernews

The Hacker News

Views9,820Post view count
PostedJan 1401/14/2026, 02:20 PM
Post content

Post content

🔐 Active malware campaign abuses DLL side-loading in a signed GitKraken ahost.exe. A rogue libcares-2.dll is placed beside it to hijack DLL search order, bypass signature checks, and run code; invoice/RFQ lures drop stealers and RATs. 🔗 Read → https://thehackernews.com/2026/01/hackers-exploit-c-ares-dll-side-loading.html