Threat Intelligence Report

Hiding in Plain Sight: Deconstructing the Multi-Actor DLL Sideloading Campaign abusing ahost.exe

📅 January 25, 2026 📰 www.trellix.com 🔍 0 CVE(s) referenced

A sophisticated, multi-actor malware campaign is exploiting DLL sideloading vulnerabilities in the trusted ahost.exe utility bundled with popular developer tools to stealthily deliver infostealers and remote access trojans, bypassing legacy security defenses and targeting organizations worldwide.

vendor

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle