Security News Ransomware IAB abuses EDR for stealthy malware execution BleepingComputer Daniel Bender 09 Dec 2025 An initial access broker tracked as Storm-0249 is abusing endpoint detection and response solutions and trusted Microsoft Windows utilities to load malware, establish communication, and persistence in preparation for ransomware attacks.
