New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.
Bleeping Computer

New 'PowerDrop' PowerShell malware targets U.S. aerospace industry

A new PowerShell malware script named 'PowerDrop' has been discovered to be used in attacks targeting the U.S. aerospace defense industry. PowerDrop was discovered by Adlumin, who last month found a ...
Infosecurity-magazine.com

Malvertising Campaign Deploys Modular PowerShell Malware PS1Bot

An ongoing malware campaign active throughout 2025 is using malvertising to deliver a sophisticated PowerShell-based framework. According to Cisco Talos researchers, the malware is named “PS1Bot” due ...
CSOonline

Rising ClickFix malware distribution trick puts PowerShell IT policies on notice

IT teams should revisit PowerShell restrictions as an increasingly used click-and-fix technique has users self-serving fake system issues by invoking malicious PowerShell scripts themselves, reducing ...
techtimes

Researchers Track AI-Written PowerShell Script That Deploys Infostealer Malware

In a recent cybersecurity finding by Proofpoint researchers, a threat actor utilized a PowerShell script, likely generated with the assistance of artificial intelligence (AI) systems such as OpenAI's ...
Infosecurity-magazine.com

Walmart Discovers New PowerShell Backdoor Linked to Zloader Malware

An unknown PowerShell backdoor has been discovered alongside a new variant of the Zloader/SilentNight malware, Walmart’s Cyber Intelligence Team has reported. The PowerShell backdoor has been ...
Hosted on MSN

Konni hackers target blockchain engineers with AI malware

North Korean hacking group Konni is now targeting blockchain engineers with artificial intelligence-generated malware. According to reports, the hacker group is now deploying the AI-generated ...