IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware ...

The Sophia Script is an open-source PowerShell module designed to debloat and fine-tune Windows 11 (and Windows 10 ). It is ...

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

Cisco Talos tracks UAT-10027 targeting U.S. education and healthcare with Dohdoor DoH-based backdoor and Cobalt Strike payload.

A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack involving obfuscation, disposable infrastructure and commercial offensive tools.

The user had asked for a simple PowerShell script to remove Python pycache folders. Instead, the script ended up deleting the contents of the user’s F: drive, including project files and Docker data.

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

PowerShell cross-platform limitations break Windows-only cmdlets, .NET dependencies, and Windows Forms GUIs on Linux. Dual booting and WinBoat enable Windows PowerShell compatibility but introduce ...

For many Windows users, PowerShell is just a strange black window you open once in a while to paste a command from a forum. In reality, PowerShell is one of the most powerful tools built into Windows.

Windows security updates tend to conjure thoughts of operating system vulnerabilities, including zero-days, being patched or even unexpected failures with serious consequences. This security update, ...

Microsoft says Windows PowerShell now warns when running scripts that use the Invoke-WebRequest cmdlet to download web content, aiming to prevent potentially risky code from executing. As Microsoft ...