Malware | Mar 24, 2026

Threat actor 'secretsdump' sells kernel exploit to bypass AV/EDR on dark web.

Summary

A threat actor operating under the handle 'secretsdump' is marketing a kernel-level exploit on dark web forums designed to bypass and disable antivirus and endpoint detection and response (EDR) solutions. The tool is positioned as a more reliable alternative to publicly available or frequently detected exploit code, with advertised capabilities including process cleaning and AV/EDR evasion.

Indicators of Compromise

  • malware — secretsdump kernel exploit