Bumblebee malware has resurfaced after a Europol-led disruption in May 2024 during 'Operation Endgame,' which took down multiple malware loader operations. Netskope researchers observed new Bumblebee activity involving phishing emails, malicious ZIP files, and fake installers (NVIDIA drivers, Midjourney). The malware uses PowerShell scripts and MSI files to deploy its payload without user interaction. Though no details about the dropped payloads or campaign size were shared, the resurgence of Bumblebee is a warning of potential renewed threats.