https://cybercrime.club/tags/edr-evasion/Infrastructure security news for people who build infrastructure.Hugo -- gohugo.ioen-usSat, 18 Apr 2026 19:09:03 -0400https://cybercrime.club/posts/payouts-king-qemu-hidden-vms-stac4713-citrixbleed2/Sat, 18 Apr 2026 19:09:03 -0400https://cybercrime.club/posts/payouts-king-qemu-hidden-vms-stac4713-citrixbleed2/Sophos tracks two Payouts King campaigns running Alpine Linux inside QEMU on Windows hosts to tunnel reverse SSH and evade endpoint security. STAC3725 chains in CitrixBleed 2 (CVE-2025-5777) against NetScaler.ransomware