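Microsoft is quietly relaxing its mandatory binding requirement for Microsoft accounts (MSA). For a long time, users who wanted the full experience of Windows 11, Bing, Microsoft Rewards points, and Edge sync could hardly do without a Microsoft ...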
Bitdefender security researchers have discovered that attackers continue to exploit Microsoft HTML Application Host (MSHTA), a legacy utility available by default on Windows systems that can execute ...
Attackers are increasingly abusing Microsoft’s decades-old MSHTA utility to stealthily deliver stealers, loaders, and persistent malware through phishing, fake software downloads, and LOLBIN-based ...
Microsoft Defender Experts observed a campaign beginning in late February 2026 that uses WhatsApp messages to deliver malicious Visual Basic Script (VBS) files. Once executed, these scripts initiate a ...
A new twist on the long-running ClickFix scam is now tricking Windows users into launching Windows Terminal and pasting malware into it themselves – handing the credential-stealing Lumma infostealer ...
Advanced Persistent Threat (APT) groups are often associated with zero-day exploits and custom-built malware frameworks. However, the latest campaign attributed to APT28 demonstrates that modern ...
The Russia-linked state-sponsored threat actor tracked as APT28 has been attributed to a new campaign targeting specific entities in Western and Central Europe. The activity, per S2 Grupo's LAB52 ...
:: Credits and More info: https://gist.github.com/mackwage/08604751462126599d7e52f233490efe :: Note that if you legitimately use these extensions, like .bat, you will ...
Introduction: In September 2025, Zscaler ThreatLabz identified two campaigns, tracked as Gopher Strike and Sheet Attack, by a threat actor that operates in Pakistan and primarily targets entities in the ...