theregister

Don't open that WhatsApp message, Microsoft warns

Be careful what you click on. Miscreants are abusing WhatsApp messages in a multi-stage attack that delivers malicious Microsoft Installer (MSI) packages, allowing criminals to control victims' ...
Microsoft

WhatsApp malware campaign delivers VBScript and MSI backdoors

Microsoft Defender Experts observed a campaign beginning in late February 2026 that uses WhatsApp messages to deliver malicious Visual Basic Script (VBS) files. Once executed, these scripts initiate a ...
ilovepowershell.com

PowerShell Providers: Accessing Data Stores as Drives

PowerShell providers are a way to access data stores, such as the registry or the file system, as if they were drives in the file system. This allows you to use familiar commands, such as cd and dir, ...
Hackaday

The CURL Project Drops Bug Bounties Due To AI Slop

Over the past years, the author of the cURL project, [Daniel Stenberg], has repeatedly complained about the increasingly poor quality of bug reports filed due to LLM chatbot-induced confabulations, ...
WeLiveSecurity

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

In 2024, ESET researchers noticed previously undocumented malware in the network of a Southeast Asian governmental entity. This led us to uncover even more new malware on the same system, none of ...
Infosecurity-magazine.com

ClickFix Social Engineering Sparks Rise of CastleLoader Attacks

A new malware campaign using a Python-based delivery chain to deploy the emerging CastleLoader family has been discovered by cybersecurity researchers. According to Blackpoint, the activity revolves ...
The Hacker News

Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading

The threat actor known as Storm-0249 is likely shifting from its role as an initial access broker to adopt a combination of more advanced tactics like domain spoofing, DLL side-loading, and fileless ...
Hosted on MSN

Fresh ClickFix attacks use Windows Update trick-pics to steal credentials

A fresh wave of ClickFix attacks is using fake Windows update screens to trick victims into downloading infostealer malware.… ClickFix is a type of social engineering technique that tricks users into ...
Windows Report

How To Convert PowerShell To EXE On Windows Using PS2EXE

PS2EXE installs through the PowerShell Gallery, so you can set it up quickly. Open Windows Terminal or PowerShell as administrator. Run the module installation command: Install-Module -Name PS2EXE ...
CSOonline

Russian APT abuses Windows Hyper-V for persistence and malware execution

Recently documented Curly COMrades group bypasses traditional host-based EDR solutions by spinning up VMs with deceptive names using Windows’ own bare-metal hypervisor. Cyberespionage groups are ...
GitHub

Load nxc.exe Using PowerShell Reflection

I was wondering if this could be somehow possible to release a .NET version of the nxc.exe binary so it can be reflectively loaded using PowerShell? Or even better, to release a PowerShell version of ...