Topic: powershell commands

  • Windows 11 Now Has Built-In Sysmon Security Monitoring

    Microsoft is integrating Sysmon, a powerful system monitoring tool, directly into Windows 11 as an optional feature, initially available to Windows Insider Beta and Dev channel users. This native integration simplifies large-scale deployment and management for enterprises, moving beyond the tradi...

  • Hackers Now Use Tsundere Bot for Ransomware Attacks

    The TA584 threat actor has significantly escalated operations, tripling campaign volume in late 2025 and expanding its geographic targeting to include Germany and Australia, while deploying the Tsundere Bot and XWorm trojan to establish network access for ransomware. The group uses a sophisticate...

  • Windows 11 24H2 Bug Crashes Explorer and Start Menu

    A critical bug in Windows 11 version 24H2 causes system failures after July 2025 updates, particularly affecting non-persistent virtual desktops due to improperly registered XAML dependency packages. The issue prevents essential components like File Explorer and the Start Menu from initializing, ...

  • Urgent Windows Flaw CVE-2025-9491 Actively Exploited by Hackers

    A critical Windows security flaw (CVE-2025-9491) is being actively exploited by hacking group UNC6384, enabling unauthorized code execution through malicious LNK files in spearphishing campaigns targeting European diplomatic and aviation entities. The exploitation involves a multi-stage malware c...

  • Google: Microsoft WSUS Attacks Strike Multiple Organizations

    A critical remote code execution vulnerability (CVE-2025-59287) in Microsoft's WSUS is being actively exploited, affecting Windows Server versions from 2012 to 2025, despite an emergency patch being released after initial fixes failed. Exploitation involves unauthenticated attackers running arbit...

  • PhantomCaptcha Cyberattack Hits Ukraine Aid Groups

    The PhantomCaptcha phishing campaign targeted humanitarian and government aid organizations for Ukraine by impersonating the Ukrainian President's Office and distributing malware via deceptive PDF attachments. Attackers used a multi-stage malware process involving a downloader script, reconnaissa...

  • TikTok Videos Fueling New ClickFix Infostealer Attacks

    A new wave of TikTok cyberattacks uses deceptive videos promising free premium software to trick users into executing malicious PowerShell commands, part of the ClickFix social engineering campaign. Executing the commands downloads Aura Stealer malware, which harvests sensitive data like password...

  • FileFix Attack Evades Security with Cache Smuggling

    A new FileFix social engineering attack uses cache smuggling to deliver malware undetected by disguising itself as a Fortinet VPN Compliance Checker and tricking users into executing hidden PowerShell commands. The attack involves copying a text string that secretly contains a script to search br...

  • Legit Tools Turned Malicious: Velociraptor and Nezha Weaponized

    Legitimate open-source tools Velociraptor and Nezha are being weaponized by threat actors to maintain access, evade detection, and deploy ransomware or malware on enterprise systems. A China-linked ransomware group exploited an outdated Velociraptor version with a privilege escalation flaw to dep...

  • New Phishing Attack Deploys RATs Using UpCrypter Evasion

    A global phishing campaign uses personalized emails and fake websites to distribute malicious downloads, employing the UpCrypter loader to deploy remote access trojans for prolonged unauthorized access. The attack involves HTML attachments redirecting to deceptive sites, with variations like voic...
