Uncovering a New Persistence Technique: TypeLib Hijacking with Explorer.exe
A new persistence method has been found by Michael Zhmailo from MTS Innovation Center’s CICADA8 team. This method involves hijacking TypeLib libraries within the Windows Component Object Model (COM) system,...
