The Bumblebee malware loader was taken down by law enforcement in May 2024, but may now be resurfacing. Operation Endgame, the takedown, was a series of asset freezes, infrastructure shut downs, and revealing suspects’ identities. Bumblebee was primarily used for payload delivery, but disappeared after the operation was enacted. However, Netskope, a cybersecurity firm, is reporting a new infection chain using Bumblebee. In these attacks, the malware downloader is distributed through phishing emails which trick the user into opening an attached file. Once opened, the file downloads and executes the Bumblebee payload. This new use of the Bumblebee malware is stealthier and more difficult to detect than before. 

Read more: https://www.securityweek.com/bumblebee-malware-loader-resurfaces-following-law-enforcement-takedown/