Updated to 5.4.1.
- Add Memory Defense rules (Dynamic Code Execution Detection, Dynamic Code Network Access Detection)
- Add detection for renamed third-party processes (python.exe, node.exe)
- Add detection for WMI creating consumer persistence
- Add detection for WMI command execution events
- Built-in rules add blocking for WMI creating processes, creating services, and creating scheduled tasks
- Add blocking for WinRAR vulnerability exploitation (CVE-2025-8088)
- Fix some UI display issues
