https://www.elastic.co/docs/reference/security/prebuilt-rules/rules/windows/privilege_escalation_uac_bypass_diskcleanup_hijack
UAC Bypass via DiskCleanup Scheduled Task Hijack | Prebuilt detection rules reference
Identifies User Account Control (UAC) bypass via hijacking DiskCleanup Scheduled Task. Attackers bypass UAC to stealthily execute code with elevated...
uac bypassscheduled taskdetection rulesvia
https://thehackernews.com/2023/07/casbaneiro-banking-malware-goes-under.html
Casbaneiro Banking Malware Goes Under the Radar with UAC Bypass Technique
Financially motivated hackers behind Casbaneiro banking malware are evolving their tactics to avoid detection
under the radarbanking malwareuac bypasscasbaneirogoes
https://github.com/hackerhouse-opensource/Stinger
GitHub - hackerhouse-opensource/Stinger: CIA UAC bypass implementation of Stinger that obtains the...
CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as Administrator. -...
uac bypass
https://thehackernews.com/2025/01/researchers-expose-noneuclid-rat-using.html
Researchers Expose NonEuclid RAT Using UAC Bypass and AMSI Evasion Techniques
NonEuclid RAT: C# malware offering remote access, antivirus bypass, and ransomware, active since November 2024.
uac bypassamsi evasionresearchersexposerat
https://github.com/sailay1996/UAC_Bypass_In_The_Wild
GitHub - sailay1996/UAC_Bypass_In_The_Wild: Windows 10 UAC bypass for all executable files which...
Windows 10 UAC bypass for all executable files which are autoelevate true . - GitHub - sailay1996/UAC_Bypass_In_The_Wild: Windows 10 UAC bypass for all...
https://thehackernews.com/2024/06/new-rust-based-fickle-malware-uses.html
New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration
Fickle Stealer, a new Rust-based malware, and AZStealer, an open-source Python stealer, target sensitive data via multiple attack chains and exfiltrat
https://thehackernews.com/2026/04/microsoft-warns-of-whatsapp-delivered.html?ref=blog.netmanageit.com
Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass
WhatsApp VBS campaign began February 2026, abusing AWS and UAC bypass to gain persistent remote access.