[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fIDxDIwjfnFoZREXbNRfi7F87ye7RTZ-sQ3S-HqwSUMU":3},{"article":4,"iocs":49},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":27,"category":28,"article_tags":31},"9df6162e-d2d4-4ad1-8cd8-d18382904e9f","⚠️ A defense evasion tool called ExEngine is being sold as a service, marketed as an AV\u002FEDR kille...","a-defense-evasion-tool-called-exengine-is-being-sold-as-a-service-marketed-as-an-493862","⚠️ A defense evasion tool called ExEngine is being sold as a service, marketed as an AV\u002FEDR killer that disables mainstream consumer security software including Windows Defender, Malwarebytes, Bitdefender, and Avast. The tool combines AV termination with a Ring-3 rootkit, UAC https:\u002F\u002Ft.co\u002FtO4rkRRoks","ExEngine is a defense evasion tool being marketed and sold as a service that targets mainstream antivirus and EDR solutions including Windows Defender, Malwarebytes, Bitdefender, and Avast. The tool combines AV termination capabilities with a Ring-3 rootkit and UAC bypass functionality to evade security controls. This represents a growing threat landscape where adversaries purchase pre-built evasion capabilities to support broader attack campaigns.","ExEngine defense evasion tool sold as service to disable AV\u002FEDR software.",null,"https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2050259718950854866","https:\u002F\u002Fpbs.twimg.com\u002Famplify_video_thumb\u002F2050258644894171136\u002Fimg\u002FLvUuJo9BF3UwusxB.jpg","2026-05-01T17:03:03+00:00","2026-05-01T18:00:09.220874+00:00",8,[18,21,23,25],{"name":19,"type":20},"Windows Defender","product",{"name":22,"type":20},"Malwarebytes",{"name":24,"type":20},"Bitdefender",{"name":26,"type":20},"Avast","89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5",{"id":27,"icon":11,"name":29,"slug":30},"Malware","malware",[32,37,42,44],{"category":33},{"id":34,"icon":11,"name":35,"slug":36},"02371804-cf6d-4449-98de-f1a2d4d9b266","Tools","tools",{"category":38},{"id":39,"icon":11,"name":40,"slug":41},"2c8f44d4-b56e-47cf-9677-04f22c9ee78d","Identity & Access","identity-access",{"category":43},{"id":27,"icon":11,"name":29,"slug":30},{"category":45},{"id":46,"icon":11,"name":47,"slug":48},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[50],{"type":30,"value":51,"context":52},"ExEngine","Defense evasion tool sold as a service; targets AV\u002FEDR software with rootkit and UAC bypass"]