ResolverRAT Malware Evades Detection, Hits Pharma And Healthcare Firms - 1

Image by kartik programmer, from Unsplash

ResolverRAT Malware Evades Detection, Hits Pharma And Healthcare Firms

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

ResolverRAT, a stealthy fileless malware, is targeting healthcare and pharmaceutical industries with phishing-based attacks, Morphisec Labs has warned.

In a rush? Here are the quick facts:

  • It spreads via phishing emails in languages.
  • Malware hides using DLL side-loading and fake apps like hpreader.exe.
  • ResolverRAT encrypts activity, operates only in memory, evading antivirus detection.

A dangerous new malware variant named ResolverRAT has been uncovered by Morphisec Labs , and it’s already being used in targeted cyberattacks against healthcare and pharmaceutical organizations worldwide.

Morphisec reports that ResolverRAT is a Remote Access Trojan (RAT) that is designed to evade detection and analysis. Unlike traditional malware, ResolverRAT runs entirely in memory and does not leave files on disk, which makes it much harder to detect using traditional antivirus tools.

The threat was first detected in attacks against Morphisec clients, specifically in the healthcare industry, with the latest wave occurring on March 10, 2025.

The researchers explain that ResolverRAT uses very realistic phishing emails in multiple languages to deceive corporate employees into downloading infected files. The emails threaten legal consequences such as copyright violations to force recipients into clicking.

“These campaigns reflect the ongoing trend of highly localized phishing,” Morphisec notes, explaining that tailoring language and themes by country increases the chance someone will fall for the scam.

Once inside a system, ResolverRAT loads a hidden malicious program using a method called DLL side-loading, often disguised within a legitimate app. This allows the malware to sneak in without triggering alarms.

The malware uses strong encryption and obfuscation techniques to hide its true purpose. It operates only in the computer’s memory, avoids using normal system files, and even creates fake certificates to bypass secure network monitoring.

Its design includes multiple methods to stay hidden and active, even if some are blocked. It installs itself in different parts of the system and uses a rotating list of servers and encrypted communication to avoid detection.

Morphisec warns that ResolverRAT appears to be part of a global operation, with similarities to other known cyberattacks. Shared tools, techniques, and even identical file names suggest a coordinated effort or shared resources among threat groups.

“This new malware family is especially dangerous to healthcare and pharmaceutical companies due to the sensitive data they hold,” Morphisec said.

To combat threats like ResolverRAT, Morphisec promotes its Automated Moving Target Defense (AMTD), which prevents attacks at the earliest stage by constantly changing the attack surface, making it harder for malware to find a target.

ResolverRAT is a clear example of how sophisticated cybercrime is evolving—and why critical sectors like healthcare must stay one step ahead.

Netflix Rolls Out New AI Feature Powered By OpenAI - 2

Photo by Mollie Sivaram on Unsplash

Netflix Rolls Out New AI Feature Powered By OpenAI

  • Written by Andrea Miliani Former Tech News Expert
  • Fact-Checked by Sarah Frazier Former Content Manager

In a rush? Here are the quick facts:

  • Netflix started rolling out a new AI-powered feature for users in Australia and New Zealand on iOS devices.
  • OpenAI is behind the AI technology to suggest more personalized recommendations, including users’ moods.
  • The AI technology will expand to the U.S. and other countries soon.

According to a Bloomberg exclusive , the new AI feature allows users to search for video content considering multiple new factors, including personal elements such as mood. Considering these inputs, the AI will suggest options available in the user’s catalog.

Users in New Zealand and Australia can test the new feature on IOS devices, and Netflix is working on expanding to more regions, including the United States. Those interested in testing the AI tool must opt in once it becomes available in their area.

The entertainment company also mentioned that they are using AI technologies in the production of movies and shows, but clarified that they are not replacing screenwriters, actors, or other creative workers. The use of AI in creative environments has been a delicate topic in the past few years, and a source for debate and new agreements between tech companies and organizations such as the Hollywood union SAG-AFTRA .

A few days ago, Netflix’s engineering team also shared details of its new internal research to update the platform’s personalized recommendation system on Medium . The team’s Foundation Model for Personalized Recommendation considers Large Language Models (LLMs) and a specialized tokenization system to enhance its suggestions and optimize processes.

“The Foundation Model allows various downstream applications, from direct use as a predictive model to generate user and entity embeddings for other applications, and can be fine-tuned for specific canvases,” states the document. “This move from multiple specialized models to a more comprehensive system marks an exciting development in the field of personalized recommendation systems.”