The threat actor known as Curly COMrades has been observed exploiting virtualization technologies as a way to bypass security solutions and execute custom malware.
According to a new report from Bitdefender, the adversary is said to have enabled the Hyper-V role on selected victim systems to deploy a minimalistic, Alpine Linux-based virtual machine.
"This hidden environment, with its lightweight



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/11/hackers-weaponize-windows-hyper-v-to.html