ACR Stealer campaigns use ClickFix lures, JPEG steganography, and WebDAV to steal browser tokens, passwords, PDFs, and synced ...
From late April 2026 to mid-June 2026, Microsoft Defender Experts observed increased ACR Stealer activity across customer ...
A likely AI-generated PowerShell script mapped Active Directory after an attacker gained RDP access to a Windows Server with ...
A worker searching for an adblocker ended up installing malware instead after threat actor KongTuke pushed a fake Chrome extension that hijacked the browser, causing repeated crashes and baiting users ...
After noticing a spike in detections involving what looked like a movie torrent for One Battle After Another, Bitdefender researchers started an investigation and discovered that it was a complex ...
Over the past year, Microsoft Threat Intelligence and Microsoft Defender Experts have observed the ClickFix social engineering technique growing in popularity, with campaigns targeting thousands of ...
PowerShell recovery scripts using WBAdmin no longer work in Windows 11, but VHDX mounting offers a manual workaround for restoring files. I recently wrote an article in which I walked you through the ...
Attackers are increasingly abusing sanctioned tools to subvert automated defenses. Tracking your Windows fleet’s PowerShell use — especially consultant workstations — can provide early indications of ...
PowerShell scripts are used to automate repetitive tasks and make some changes to your system’s configuration. However, we have noticed that at times, Windows can’t run a PowerShell script in Windows ...
A new strain of infostealer blending standard malware techniques with unusually advanced features has been detected. First flagged by a Reddit user in April 2025, the malware, known as Chihuahua ...
The Acronis Threat Research Unit (TRU) was presented with an interesting threat chain and malware sample for analysis that involved a known cyberthreat along with some interesting twists in targeting ...