Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
Business.com

How to Remotely Invoke Applications With PowerShell

Have you ever been given an application and instructed to run it on various computers and systems, only to realize that it wasn’t built for multiple hosts? After all, some apps are designed to be ...
XDA Developers on MSN

4 PowerShell scripts I run on every Windows install

Get your fresh install settled quickly with these 4 PowerShell scripts ...
The Hacker News

Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers

North Korean group Konni uses AI-assisted PowerShell malware and phishing via Google ads and Discord to breach blockchain development environments.

New ClickFix attacks abuse Windows App-V scripts to push malware

A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V) script to ultimately deliver the Amatera infostealing malware.
LinuxInsider

Weaponized Python and Linux Malware Target Executives and Cloud Systems

Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...

New tool blocks imposter attacks disguised as safe commands

A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by ...
Infosecurity Magazine

Phorpiex Phishing Delivers Low-Noise Global Group Ransomware

According to a new advisory by Forcepoint, the campaign relies on the continued effectiveness of Windows shortcut (.lnk) ...