# Hyper-V Evasion: Exploiting Alpine Linux for Stealthy Malware Operations
**Autore:** Redazione Cyber Monitor
**Ultimo aggiornamento:** 05 November 2025
**Categoria:** Threat Monitor – Exploited Vulnerabilities
**TLP:** GREEN
### Introduzione
La recente scoperta di una tecnica di evasione che sfrutta un'immagine VM Alpine Linux di soli 120MB ha sollevato preoccupazioni significative nel panorama della cybersecurity. Questa tecnica consente al malware personalizzato di operare all'interno di un ambiente Hyper-V, isolato dall'Endpoint Detection and Response (EDR) dell'host, camuffandosi sotto il nome 'WSL' per eludere l'attenzione degli amministratori di sistema.Discover gists
Darkcrai86
/ 05-11-25-markdown.md
Created
November 5, 2025 13:54
Analisi della vulnerabilità: R to @blackorbird: The Hyper-V evasion technique here is brilliant. 120MB Alpine Linux VM with custom malware isolated from host EDR. All C2 traffic appears to originate from legitimate host IP via Hyper-V NAT. The real genius: naming it 'WSL' for social camouflage - admins see WSL and think 'developer tool' instead …
This script updates my most important software installations on my Mac. It covers updates from brew, Apple AppStore, XCode, MacOS and globally installed packages from npm and uv. The script can update single sources but without any argument it updates everything, see update.sh --help
I usually run it every couple of days but it is recommeded to check the console output for errors and warnings. Some brew update warnings mean that you need to overwrite the brew link of a package or it is not correctly installed anymore, e.g. brew link --overwrite node
konard
/ solution-draft-log-pr-1762350829072.txt
Created
November 5, 2025 13:53
Solution draft log for https://github.com/veb86/zcadvelecAI/pull/464
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Solve.mjs Log - 2025-11-05T13:49:48.450Z | |
| [2025-11-05T13:49:48.453Z] [INFO] 📁 Log file: /home/hive/solve-2025-11-05T13-49-48-449Z.log | |
| [2025-11-05T13:49:48.457Z] [INFO] (All output will be logged here) | |
| [2025-11-05T13:49:49.632Z] [INFO] | |
| [2025-11-05T13:49:49.633Z] [INFO] 🚀 solve v0.29.5 | |
| [2025-11-05T13:49:49.634Z] [INFO] 🔧 Raw command executed: | |
| [2025-11-05T13:49:49.635Z] [INFO] /home/hive/.nvm/versions/node/v20.19.5/bin/node /home/hive/.bun/bin/solve https://github.com/veb86/zcadvelecAI/issues/463 --auto-fork --auto-continue --attach-logs --verbose --no-tool-check | |
| [2025-11-05T13:49:49.636Z] [INFO] | |
| [2025-11-05T13:49:49.670Z] [INFO] |
choco-bot
/ Install.txt
Created
November 5, 2025 13:53
brutaldoom-kamasutra v03.09.05 - Passed - Package Tests Results
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2025-11-05 13:47:13,476 5644 [DEBUG] - XmlConfiguration is now operational | |
| 2025-11-05 13:47:13,664 5644 [DEBUG] - Adding new type 'CygwinService' for type 'IAlternativeSourceRunner' from assembly 'choco' | |
| 2025-11-05 13:47:13,680 5644 [DEBUG] - Adding new type 'CygwinService' for type 'IInstallSourceRunner' from assembly 'choco' | |
| 2025-11-05 13:47:13,680 5644 [DEBUG] - Adding new type 'PythonService' for type 'IAlternativeSourceRunner' from assembly 'choco' | |
| 2025-11-05 13:47:13,680 5644 [DEBUG] - Adding new type 'PythonService' for type 'IListSourceRunner' from assembly 'choco' | |
| 2025-11-05 13:47:13,695 5644 [DEBUG] - Adding new type 'PythonService' for type 'IInstallSourceRunner' from assembly 'choco' | |
| 2025-11-05 13:47:13,695 5644 [DEBUG] - Adding new type 'PythonService' for type 'IUninstallSourceRunner' from assembly 'choco' | |
| 2025-11-05 13:47:13,711 5644 [DEBUG] - Adding new type 'RubyGemsService' for type 'IAlternativeSourceRunner' from assembly 'choco' | |
| 2025-11-05 13:47:13,727 5644 [DEBUG] - Adding new typ |
phantom3491
/ Download Free Setup uDraw Tablet.md
Created
November 5, 2025 13:53
uDraw Tablet Crack Free Download + Serial Key
The uDraw Tablet has revolutionized the way art and creativity come alive in the digital realm. Designed for aspiring artists and gaming enthusiasts alike, this innovative tool in 2025 continues to set itself apart with its intuitive interface and responsive stylus. Whether sketching intricate designs, mastering digital painting, or engaging in entertaining games, users will appreciate the seamless blend of functionality and fun. With the full version, unlock a world of artistic possibilities that redefine creativity in a portable format.
- Enhanced Sensitivity: Experience a highly responsive stylus that captures e
Micket
/ easybuild_test_report_24318_easybuilders_preasybuild-easyconfigs_20255305-UTC-13-53-11.md
Created
November 5, 2025 13:53
EasyBuild test report for easybuilders/easybuild-easyconfigs PR(s) #24318
Test report for PR(s) easybuilders/easybuild-easyconfigs#24318
Build succeeded for 2 out of 2 (1 easyconfigs in total)
- SUCCESS libgit2-1.9.1-GCCcore-14.3.0.eb
- SUCCESS R-4.5.2-gfbf-2025b.eb
ammmaax
/ gist:d5b92b9fd9d5f8da3247a63ae3d70070
Created
November 5, 2025 13:52
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <iostream> | |
| using namespace std; | |
| int main() | |
| { | |
| int size; | |
| do | |
| { | |
| cout << "enter size: "; | |
| cin >> size; |
easterncoder
/ x.php
Created
November 5, 2025 13:52
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| echo "Enter student name: "; | |
| $student_name = trim(fgets(STDIN)); | |
| for($i = 1; $i <= 5; $i++) { | |
| echo "Enter Answer #$i: "; | |
| $answer[] = trim(fgets(STDIN)); | |
| } | |
| $score = 0; |
misterwizard1992672
/ Download Now Full Ubisoft Connect.md
Created
November 5, 2025 13:52
Ubisoft Connect Crack Free Download + Keygen + License Key
Ubisoft Connect is the ultimate hub for gamers in 2025, bringing together an innovative ecosystem that enhances your gameplay experience across all platforms. Tailored for both casual players and die-hard fans, Ubisoft Connect offers seamless integration with your favorite titles, ensuring you have access to the latest updates, challenges, and rewards. This full version stands out with its robust features designed to streamline gameplay and foster a thriving gaming community, making it a must-have for anyone looking to elevate their gaming journey.
- Cross-platform play: Enjoy your games with friends, regardless of the platform t
olioby
/ obsidian-livesync-synology.md
Created
November 5, 2025 13:52
— forked from gabeosx/obsidian-livesync-synology.md
Obsidian LiveSync Self-Hosted on Synology
obsidian-livesync is an Obsidian plugin, which allows you to Synchronize your Obsidian vault between devices, using a CouchDB database.
Synology NAS devices offer Docker support, which is a convenient way to host your CouchDB.
- Create a directory for your Docker data (e.g.
/volume1/docker/obsidian-couchdb) - Create a user with permissions to that directory - put them in the
usersgroup
NewerOlder