Adware "Dragon Boss" Update Disables Antivirus Protections Globally

In March 2025, an update distributed by the adware strain "Dragon Boss" established persistence on infected systems via scheduled tasks and configured Windows Defender exclusions to bypass detection for future malicious payloads. The campaign targeted global users under the guise of a benign software update. No specific CVE IDs or victim counts were disclosed. The primary impact involved disabling antivirus protections to facilitate subsequent attacks. Technical details included the use of Windows Defender exclusions and scheduled tasks for persistence.