Social Engineering (ClickFix)
Exploitation of Public-Facing Applications (e.g., CVE-2026-20131)
AI-Assisted Malware Development (Slopoly)
PowerShell-based Persistence (Scheduled Tasks)
Remote Access Trojans (NodeSnake, Interlock RAT)
Credential Theft (LSASS dumping)
Data Exfiltration
Double Extortion
Defense Evasion (EDR/AV suppression)