PowerShell stories

Cybersecurity experts warn of rising email threats as phishing kits Tycoon 2FA and Cephas evolve, using steganography and code obfuscation to evade detection.

Curly COMrades exploit Microsoft Hyper-V to run hidden malware inside lightweight VMs, evading detection and maintaining stealthy control over targets.

Ransomware attacks exploiting VPN flaws and Microsoft 365 logins surge in APAC, with hackers bypassing MFA via stolen credentials and unpatched systems.

Cybercriminals use ultra-realistic fake Adobe Reader invoices and images with embedded malware to bypass defences, targeting German-speaking regions.

HP Wolf Security reveals cyber attackers increasingly use images and legitimate system tools to hide malware, making threats harder to detect and block.

Cybercriminals are increasingly exploiting open-source Stealerium malware to steal sensitive data, prompting warnings from Proofpoint researchers of new attack methods.

Broadcom enhances VMware Cloud Foundation with advanced compliance and security features to aid regulated organisations in tackling AI and cross-border cyber risks.

LevelBlue reports cyber incidents tripled to 17% in early 2025, driven by a 1,450% rise in social engineering attacks like fake CAPTCHA schemes.

A critical flaw in mcp-remote lets attackers hijack AI client systems by executing arbitrary OS commands, urging users to update to version 0.1.16 immediately.

ReliaQuest reveals surge in social engineering cyber threats, with ClickFix tactics and ransomware group shifts raising new security challenges in 2025.

Phishing campaigns spoofing Booking.com have surged, targeting hotels with fake CAPTCHA sites that trick staff into installing malware, research reveals.

Rapid7’s Q1 2025 report reveals stolen credentials without MFA cause 56% of breaches, while manufacturing faces the highest threat from ransomware attacks.

Bitdefender research reveals 84% of severe cyberattacks exploit common system tools like netsh.exe, evading traditional defences with LOTL methods.

North Korean hackers have intensified phishing attacks on Ukrainian government bodies to gather strategic intelligence on the Russian invasion, Proofpoint reports.

Facebook malvertising exploits images of stars like Elon Musk, promoting fake crypto brands to spread malware in Australia, New Zealand, and beyond.

Bitdefender launches GravityZone PHASR to combat living-off-the-land cyber threats, using AI to tailor security based on individual user behaviour globally.

ClickFix attacks, leveraging human error over software flaws, are now a dominant threat to enterprises, outpacing existing security measures.

Researchers from HP have uncovered a rise in fake CAPTCHA challenges used by cybercriminals to install malware, exploiting users' increased online click tolerance.

Hornetsecurity has launched the 365 Multi-Tenant Manager, streamlining Microsoft 365 tenant management for Managed Service Providers and boosting productivity.

Stack Overflow's 2024 Developer Survey reveals JavaScript as the top language among UK developers, with Python leading future aspirations.