diff --git a/analyzer/windows/dll/capemon.dll b/analyzer/windows/dll/capemon.dll
index 86f3bec977b..f2c645aabf6 100755
Binary files a/analyzer/windows/dll/capemon.dll and b/analyzer/windows/dll/capemon.dll differ
diff --git a/analyzer/windows/dll/capemon_x64.dll b/analyzer/windows/dll/capemon_x64.dll
index 3fbb4d1a57c..dd8a43b4e4f 100755
Binary files a/analyzer/windows/dll/capemon_x64.dll and b/analyzer/windows/dll/capemon_x64.dll differ
diff --git a/changelog.md b/changelog.md
index 6344bda4343..8e5693f87c7 100644
--- a/changelog.md
+++ b/changelog.md
@@ -1,3 +1,8 @@
+### [05.05.2026]
+* Monitor updates:
+    * Instrumentation callback: refine dll filtering and add kernelbase.dll (syscall hooks)
+    * Unpacker: refine entropy-based detection of shellcode within mapped images, don't drop tracked regions in FreeHandler()
+
 ### [26.03.2026]
 * Monitor update: RtlDispatchException hook: check module_name pointer before dereference
 * KVMRemote machinery updated and  moved to main repo