Infosecurity Magazine

Fraud Investigation Reveals Sophisticated Python Malware

A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack ...

Single character in AI-generated script wipes developer’s entire hard drive

The user had asked for a simple PowerShell script to remove Python pycache folders. Instead, the script ended up deleting the contents of the user’s F: drive, including project files and Docker data.

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.
Bitdefender

Fake Leonardo DiCaprio Movie Torrent Drops Agent Tesla Through Layered PowerShell Chain

After noticing a spike in detections involving what looked like a movie torrent for One Battle After Another, Bitdefender researchers started an investigation and discovered that it was a complex ...
ilovepowershell.com

Strings in PowerShell: Concatenation, Formatting and Manipulation

PowerShell is a versatile and powerful scripting language that can be used to automate various tasks on your system. One common task that often requires the use of PowerShell is working with strings.
Microsoft

Think before you Click(Fix): Analyzing the ClickFix social engineering technique

Over the past year, Microsoft Threat Intelligence and Microsoft Defender Experts have observed the ClickFix social engineering technique growing in popularity, with campaigns targeting thousands of ...
Bleeping Computer

New FileFix attack weaponizes Windows File Explorer for stealthy commands

A cybersecurity researcher has developed FileFix, a variant of the ClickFix social engineering attack that tricks users into executing malicious commands via the File Explorer address bar in Windows.
CSOonline

How to log and monitor PowerShell activity for suspicious scripts and commands

Attackers are increasingly abusing sanctioned tools to subvert automated defenses. Tracking your Windows fleet’s PowerShell use — especially consultant workstations — can provide early indications of ...
Infosecurity-magazine.com

New 'Chihuahua’ Infostealer Targets Browser Data and Crypto Wallet Extensions

A new strain of infostealer blending standard malware techniques with unusually advanced features has been detected. First flagged by a Reddit user in April 2025, the malware, known as Chihuahua ...
Bleeping Computer

We Smell a (DC)Rat: Revealing a Sophisticated Malware Delivery Chain

The Acronis Threat Research Unit (TRU) was presented with an interesting threat chain and malware sample for analysis that involved a known cyberthreat along with some interesting twists in targeting ...
IEEE

PSDEM: A Feasible De-Obfuscation Method for Malicious PowerShell Detection

Abstract: PowerShell is so extremely powerful that we have seen that attackers are increasingly using PowerShell in their attack methods lately. In most cases, PowerShell malware arrives via spam ...