Publicly-reported instances of LSASS Credential Dumping bypassing endpoint security products. Maintained on the same basis for every technique in the Index.
| Product | Entries | High-confidence | Most recent |
|---|---|---|---|
| Microsoft | 3 | 3 | 2026-05-13 |
| 1 | 1 | 2026-05-06 |
| Product | Confidence | Disclosed | Source | |
|---|---|---|---|---|
| Microsoft | high | 2026-05-13 | theregister.com | record → |
| high | 2026-05-06 | darkreading.com | record → | |
| Microsoft | high | 2026-04-27 | www.persistent-security.net | record → |
| Microsoft | high | 2025-06-13 | undercodetesting.com | record → |
Counts reflect distinct publicly-reported events on record; absence of an entry means no confirmed public report is on file.