A recent threat hunting session has revealed a sophisticated PowerShell script, named y1.ps1, hosted in an open directory on a Chinese server (IP: 123.207.215.76). First detected on June 1, 2025, this script operates as a shellcode loader, employing advanced in-memory execution techniques to bypass traditional disk-based detection mechanisms. The discovery, attributed to Shenzhen Tencent Computer […]
The post PowerShell Loaders Use In-Memory Execution to Evade Disk-Based Detection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform