Bleeping Computer

TrickBot malware uses obfuscated Windows batch script to evade detection

With the 100th release of TrickBot, the malware came equipped with new and advanced evasive capabilities. One such capability is its use of an obfuscated batch script launcher to jumpstart malicious ...
Bleeping Computer

Fake IT support sites push malicious PowerShell scripts as Windows fixes

Fake IT support sites promote malicious PowerShell "fixes" for common Windows errors, like the 0x80070643 error, to infect devices with information-stealing malware. First discovered by eSentire's ...
Infosecurity-magazine.com

LummaC2 Infostealer Resurfaces With Obfuscated PowerShell Tactics

LummaC2, an infostealer malware actively exploiting PowerShell commands, has resurfaced to infiltrate and exfiltrate sensitive data. Discovered by cybersecurity researchers at Ontinue, the malware’s ...
CSOonline

Stealth RAT uses a PowerShell loader for fileless attacks

Remcos RAT gets a stealthy upgrade as attackers ditch old office exploits for a fileless PowerShell loader that runs entirely in memory. Threat actors have been spotted using a PowerShell-based ...
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.