Securonix says PureLogs infection starts with a fake PDF JavaScript file and uses PowerShell, fileless .NET loading, and LOLBins.
A fileless malware framework has been abusing Google's Blogspot platform to deliver the PureLog Stealer entirely in memory, letting attackers steal credentials while leaving few traces on disk.
Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...
Learn what's new in PowerShell 7.6 and how the release affects everyday automation and administration work. Understand how newer PowerShell versions continue to improve performance, reliability, ...
A variant of the PureLogs infostealer malware has been distributed through purchase-order-themed phishing emails that use a malicious JavaScript file to launch a multi-stage infection chain on Windows ...
Dr. Holger Schwichtenberg is the technical director of the expert network www.IT-Visions.de, which supports numerous medium-sized and large companies with consulting and training services as well as ...
The campaign exploits an Office vulnerability to deliver the modular XWorm RAT, chaining HTA, PowerShell, and in-memory .NET execution to sidestep detection and expand post-compromise control.
From automation to system management, these are the PowerShell commands IT pros should know and use in 2026. If you work in IT, chances are PowerShell is already part of your daily routine. You might ...
Windows Sandbox was launched by the end of 2018 with Windows 10 version 1903. The idea was to provide an isolated and temporary virtual PC environment where you can install suspicious software or open ...
In February 2025, we discovered that the Gamaredon tool PteroGraphin was used to restart Turla’s Kazuar backdoor on a machine in Ukraine. In April and June 2025, we detected that Kazuar v2 was ...