Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.
IEEE

The Pulse of Fileless Cryptojacking Attacks: Malicious PowerShell Scripts

Abstract: Fileless malware predominantly relies on PowerShell scripts, leveraging the native capabilities of Windows systems to execute stealthy attacks that leave no traces on the victim's system.
GitHub

install-new-teams-v2.ps1

including the Outlook Add-in and sets required registry keys for Citrix VDA as well. The new Teams is based on EdgeWebView Runtime and willbe installed as well. You ...
Security Boulevard

Dust Specter APT Targets Government Officials in Iraq

IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware ...
GitHub

Mega Collection of PowerShell Scripts

play-mp3.ps1 Plays the given MP3 sound file. More » play-super-mario.ps1 Plays the Super Mario intro. More » play-tetris-melody.ps1 Plays the Tetris melody. More » speak-checklist.ps1 Speaks the given ...

Forget 'debloat apps.' Sophia Script gives you real control over Windows 11. Here's how it works.

The Sophia Script is an open-source PowerShell module designed to debloat and fine-tune Windows 11 (and Windows 10). It is ...