The Hacker News

Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools

Qilin disables 300+ EDR drivers using BYOVD in 2025 attacks, delaying encryption six days, increasing breach impact.
Arabian Post

Windows admin tools turned into ransomware enablers

That gives ransomware crews a direct route to blinding EDR and AV products before the encryption stage begins. Several ransomware families now appear to treat defence impairment as a standard part of ...