powershell Archives • Page 3 of 5 • Daily CyberSecurity

DarkCloud Stealer: New Evasive Tactics Use Obfuscated Scripts & VB6 Payloads to Evade Detection

Do Son August 8, 2025

Unit 42 researchers have uncovered a significant shift in the distribution tactics of the DarkCloud Stealer malware,...

Interlock Ransomware Strikes: eSentire Exposes Multi-Stage Payload and ClickFix Social Engineering Interlock Ransomware, ClickFix Technique

Interlock Ransomware, ClickFix Technique

Interlock Ransomware Strikes: eSentire Exposes Multi-Stage Payload and ClickFix Social Engineering

Do Son August 2, 2025

The eSentire Threat Response Unit (TRU) exposed a detailed and technically sophisticated ransomware campaign orchestrated by the...

Cisco Talos Q2 Report: Phishing & Ransomware Dominate, with Qilin Using Deprecated PowerShell 1.0 Qilin Ransomware, Phishing & Ransomware

Cisco Talos Q2 Report: Phishing & Ransomware Dominate, with Qilin Using Deprecated PowerShell 1.0

Do Son August 1, 2025

Cisco Talos has released its latest Threat Intelligence Report for Q2 2025, revealing a threat landscape increasingly...

0bj3ctivityStealer: Stealthy Info-Stealer Uses Steganography & PowerShell to Evade Detection

Do Son July 30, 2025

A recent analysis from the Trellix Advanced Research Center (ARC) has unveiled a sophisticated and stealthy info-stealer...

Stealthy REMCOS Backdoor Delivered by LNK Files: Bypasses Antivirus with Multi-Stage PowerShell Attack

Do Son July 29, 2025

Cybercriminals continue to find clever ways to bypass antivirus solutions and endpoint defenses. A recent Point Wild...

New BERT Ransomware Unleashed: Multi-Threaded Attacks Hit Windows, Linux & ESXi with REvil Links

Do Son July 8, 2025

Security analysts at Trend Micro observed the rise of a previously unknown ransomware group now tracked as...

RedLine Stealer Unleashed: Inno Setup Installers Abused for Stealthy Data Theft & Cryptowallet Draining RedLine Stealer, Inno Setup Exploit

RedLine Stealer Unleashed: Inno Setup Installers Abused for Stealthy Data Theft & Cryptowallet Draining

Do Son July 8, 2025

In a recent technical deep dive, the Splunk Threat Research Team (STRT) dissected a multi-stage malware campaign...

XMRig Cryptojacking Surges: New Campaign Uses LOLBAS, Steals Monero Undetected XMRig Cryptojacking, LOLBAS

XMRig Cryptojacking Surges: New Campaign Uses LOLBAS, Steals Monero Undetected

Do Son July 8, 2025

A new wave of XMRig-based cryptojacking malware is making headlines again—leveraging simple scripting, LOLBAS techniques, and stealthy...

XwormRAT Resurfaces with Steganography-Powered Attack Chain

Do Son July 8, 2025

The AhnLab Security Intelligence Center (ASEC) has raised fresh concerns over the reemergence of XwormRAT, a notorious...

ClickFix Unmasked: How North Korea’s Kimsuky Group Turned PowerShell into a Weapon of Psychological Deception

Do Son July 1, 2025

In its latest threat intelligence report, the Genians Security Center (GSC) has uncovered a new evolution in...

North Korean Hackers Exploit GitHub and Dropbox in Targeted Spearphishing Attacks CVE-2024-3393 - Zservers sanctions

North Korean Hackers Exploit GitHub and Dropbox in Targeted Spearphishing Attacks

Do Son June 24, 2025

A new report from EnkiWhiteHat has unveiled a sophisticated cyber espionage operation that leverages GitHub private repositories,...

KimJongRAT Returns: New PE & PowerShell Variants Steal Crypto and Browser Data via CDNs

Do Son June 18, 2025

Unit 42 has uncovered two newly evolved variants of the KimJongRAT malware, one using traditional PE (Portable...

Fileless AsyncRAT Campaign Targets German Users with Stealthy PowerShell Payload BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

BingX cyberattack FortiGate SSO Attacks Firewall Config Theft

Fileless AsyncRAT Campaign Targets German Users with Stealthy PowerShell Payload

Do Son June 17, 2025

In a recent investigation, threat intelligence firm CloudSEK uncovered a stealthy, fileless malware campaign leveraging social engineering...

GrayAlpha’s Expanding Arsenal: FIN7-Aligned Threat Actor Deploys Custom Loaders to Spread NetSupport RAT

Do Son June 17, 2025

A newly uncovered campaign by threat actor GrayAlpha, which overlaps with the infamous FIN7 cybercrime syndicate, reveals...

Katz Stealer: New Stealthy MaaS Steals Everything, Hides in Images, and Hijacks Discord

Do Son June 16, 2025

In 2025, cybersecurity analysts witnessed the emergence of a sophisticated and highly evasive info-stealer known as Katz...

Booking.com Spoofed in ClickFix Malware Surge Targeting Hotels and Travel Sector ClickFix Phishing, Booking.com Scam

Booking.com Spoofed in ClickFix Malware Surge Targeting Hotels and Travel Sector

Do Son June 6, 2025

According to Cofense Intelligence, a sophisticated and evolving phishing campaign is using spoofed Booking.com emails and fake...

ViperSoftX Resurfaces: Stealthy Crypto-Stealing Malware Hits Global Users! ViperSoftX, Crypto Malware

ViperSoftX Resurfaces: Stealthy Crypto-Stealing Malware Hits Global Users!

Do Son June 6, 2025

The AhnLab Security Intelligence Center (ASEC) has issued a fresh warning about the resurgence of ViperSoftX, a...

Alert: Fake DocuSign & Gitcodes Pages Install NetSupport RAT Malware! NetSupport RAT, Phishing Campaign

Alert: Fake DocuSign & Gitcodes Pages Install NetSupport RAT Malware!

Do Son June 5, 2025

Security researchers at DomainTools have uncovered a highly deceptive malware campaign designed to exploit user trust and...

ViperSoftX Evolves: New PowerShell Malware Boasts Stealth & Persistence PowerShell Malware, ViperSoftX

ViperSoftX Evolves: New PowerShell Malware Boasts Stealth & Persistence

Do Son June 5, 2025

K7 Labs has unveiled a detailed analysis of a new PowerShell-based malware campaign that builds on 2024’s...

Microsoft’s “Edit” Text Editor Coming to Windows 11 Command Line Windows 11 Editor, Command Line Editor MS-DOS editor, Command-line editor

Microsoft’s “Edit” Text Editor Coming to Windows 11 Command Line

Do Son June 4, 2025

Microsoft recently introduced and open-sourced a command-line text editor named Edit, which is available for download via...

Critical Alert 1 Active Exploit Detected Today