The Budworm APT group is evolving its cyber arsenal. Budworm’s signature technique consists of executing SysUpdate on victims’ networks by sideloading the DLL payload using the authentic INISafeWebSSO application – a tactic it has employed since at least 2018. Organizations should proactively update and patch their systems to counter known vulnerabilities exploited by tools like SysUpdate.