Phemedrone Stealer targets Windows Defender flaw despite patch. Cybersecurity experts discover active exploitation of CVE-2023-36025 vulnerability. Phemedrone Stealer collects data from web browsers and messaging apps. Vulnerability allows attackers to bypass Windows Defender SmartScreen warnings. Malware campaigns incorporate this vulnerability into their attack chains. Attackers use cloud services and URL shorteners to disguise malicious files. Malware achieves persistence through defense evasion techniques. Phemedrone Stealer extracts sensitive information from various applications. Despite patch, threat actors continue to exploit the vulnerability. Organizations urged to update Windows installations promptly. #Phemedrone #WindowsDefender #Cybersecurity #Vulnerability #Malware
https://www.infosecurity-magazine.com/news/stealers-target-windows-defender/