A practical look at DLL sideloading and proxying: how attackers abuse trusted Windows executables to load malicious DLLs while keeping the app running normally. core-jmp.org/2026/05/dll-si…