This unofficial PowerShell script enhances Windows 11 performance and usability, and it has received a new useful feature ...
In Operation Muck and Load, over 200 GitHub repositories serve a Go module that leads to Windows malware infections.
A fileless malware framework is abusing Google’s Blogspot platform to deliver PureLog Stealer directly into computer memory, sharpening concerns that trusted web services are being turned into staging ...
Kaspersky says the attacks use phishing, GitHub-hosted payloads, CVE-2025-9491 LNK abuse, and Go2Tunnel-based tunneling.
Securonix says PureLogs infection starts with a fake PDF JavaScript file and uses PowerShell, fileless .NET loading, and LOLBins.
description: The following analytic detects the execution of PowerShell scripts containing Base64 encoded content, specifically identifying the use of `FromBase64String`. It leverages PowerShell ...
Phantom Stealer phishing targets banks with fileless malware and in-memory Windows process injection. The infostealer harvests credentials, cookies, financial data, screenshots, and cryptocurrency ...
Abstract: Cyber-attacks have evolved dramatically over the past decade, becoming more targeted and sophisticated. Attackers now employ various techniques, including phishing, ransomware, and Remote ...
A campaign known as Shadow#Reactor uses text-only files to deliver a Remcos remote access Trojan (RAT) to compromise victims, as opposed to a typical binary. Researchers with security vendor Securonix ...
A rare in-the-wild FileFix campaign has been observed by cybersecurity researchers, which hides a second-stage PowerShell script and encrypted executables inside JPG images. The attack, detailed in an ...