TGTGInsighttelegram intelligenceLIVE / telegram public index
← The Hacker News
Find similarView original
The Hacker News avatar

TGINSIGHT POST

Post #8743

@thehackernews

The Hacker News

Views9,130Post view count
PostedApr 604/06/2026, 10:10 AM
Post content

Post content

🛑 Qilin and Warlock #ransomware are disabling defenses before attacks using BYOVD techniques. Qilin uses a side-loaded DLL to kill 300+ EDR drivers via vulnerable kernel drivers. Warlock exploits SharePoint and uses similar drivers to bypass kernel-level security, often delaying ransomware execution. 🔗 Find the technique disabling EDR tools → https://thehackernews.com/2026/04/qilin-and-warlock-ransomware-use.html