PowerShell stories

Storm-0249 hijacks trusted security and Windows tools to stealthily broker high-value network access for ransomware operators.

SIOS launches LifeKeeper v10, adding a unified browser console to simplify high availability and disaster recovery across Linux and Windows.

Chinese state-backed hackers mimic Microsoft Teams downloads in a false flag campaign to infect Chinese speakers and blame Russian actors.

Microsoft fixes a Windows zero-day used in attacks and Office flaws that can execute code when emails are merely received or previewed.

Attackers exploit unpatched ScreenConnect and Microsoft 365 credentials for unauthorised network access, raising breach risks for organisations worldwide.

Parallels has launched RAS 21.0, enhancing hybrid cloud management, security, and user experience for distributed workforces with multi-cloud support.

Cybersecurity experts warn of rising email threats as phishing kits Tycoon 2FA and Cephas evolve, using steganography and code obfuscation to evade detection.

Curly COMrades exploit Microsoft Hyper-V to run hidden malware inside lightweight VMs, evading detection and maintaining stealthy control over targets.

Ransomware attacks exploiting VPN flaws and Microsoft 365 logins surge in APAC, with hackers bypassing MFA via stolen credentials and unpatched systems.

Cybercriminals use ultra-realistic fake Adobe Reader invoices and images with embedded malware to bypass defences, targeting German-speaking regions.

HP Wolf Security reveals cyber attackers increasingly use images and legitimate system tools to hide malware, making threats harder to detect and block.

Cybercriminals are increasingly exploiting open-source Stealerium malware to steal sensitive data, prompting warnings from Proofpoint researchers of new attack methods.

Broadcom enhances VMware Cloud Foundation with advanced compliance and security features to aid regulated organisations in tackling AI and cross-border cyber risks.

LevelBlue reports cyber incidents tripled to 17% in early 2025, driven by a 1,450% rise in social engineering attacks like fake CAPTCHA schemes.

A critical flaw in mcp-remote lets attackers hijack AI client systems by executing arbitrary OS commands, urging users to update to version 0.1.16 immediately.

ReliaQuest reveals surge in social engineering cyber threats, with ClickFix tactics and ransomware group shifts raising new security challenges in 2025.

Phishing campaigns spoofing Booking.com have surged, targeting hotels with fake CAPTCHA sites that trick staff into installing malware, research reveals.

Rapid7’s Q1 2025 report reveals stolen credentials without MFA cause 56% of breaches, while manufacturing faces the highest threat from ransomware attacks.

Bitdefender research reveals 84% of severe cyberattacks exploit common system tools like netsh.exe, evading traditional defences with LOTL methods.

North Korean hackers have intensified phishing attacks on Ukrainian government bodies to gather strategic intelligence on the Russian invasion, Proofpoint reports.