PowerShell can do far more than most users realize. Explore 10 hidden capabilities that save time, improve reporting, and supercharge your workflow.

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

Trojanized gaming tools and new Windows RATs like Steaelite enable data theft, ransomware, and persistent remote control.

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

Amazon is warning that a Russian-speaking hacker used multiple generative AI services as part of a campaign that breached more than 600 FortiGate firewalls across 55 countries in five weeks.

Attackers are running paid Facebook ads that look like official Microsoft promotions, then directing users to near-perfect ...

StealC malware campaign exploits fake CAPTCHA pages to steal sensitive data while blending into normal system activity.

A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack ...

An AI-assisted hacker campaign breached over 600 FortiGate firewalls worldwide by exploiting weak credentials and public interfaces in a chilling demonstration of how generative AI ...

Dormant access refers to any account or entitlement that keeps its privileges but shows no sign of use for an extended period ...