Bleeping Computer

ViperSoftX malware covertly runs PowerShell using AutoIT scripting

The latest variants of the ViperSoftX info-stealing malware use the common language runtime (CLR) to load and execute PowerShell commands within AutoIt scripts to evade detection. CLR is a key ...
Infosecurity-magazine.com

Walmart Discovers New PowerShell Backdoor Linked to Zloader Malware

An unknown PowerShell backdoor has been discovered alongside a new variant of the Zloader/SilentNight malware, Walmart’s Cyber Intelligence Team has reported. The PowerShell backdoor has been ...
Bleeping Computer

Fake MAS Windows activation domain used to spread PowerShell malware

A typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell scripts that infect Windows systems with the 'Cosmali Loader'.
CSOonline

Rising ClickFix malware distribution trick puts PowerShell IT policies on notice

IT teams should revisit PowerShell restrictions as an increasingly used click-and-fix technique has users self-serving fake system issues by invoking malicious PowerShell scripts themselves, reducing ...
Infosecurity-magazine.com

Iranian Group TA453 Launches Phishing Attacks with BlackSmith

The Iranian-linked threat actor TA453 (also known as Charming Kitten) has been observed launching a sophisticated phishing attack using a PowerShell-based malware toolkit dubbed “BlackSmith.” The ...