North Korean hacking group APT37 was seen deploying new implants, backdoors, and other tools in attacks targeting air-gapped ...

The Sophia Script is an open-source PowerShell module designed to debloat and fine-tune Windows 11 (and Windows 10 ). It is ...

Let me tell you how I came within steps of becoming a victim in an elaborate social engineering scheme designed to exploit ...

North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, ...

North Korea-linked ScarCruft’s Ruby Jumper uses Zoho WorkDrive C2 and USB malware to breach air-gapped systems for ...

PowerShell can do far more than most users realize. Explore 10 hidden capabilities that save time, improve reporting, and ...

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

A newly identified botnet loader is shifting command-and-control (C2) operations onto the Polygon blockchain, eliminating the ...

AttackIQ has released a new attack graph that emulates the behaviors exhibited by BlackByte ransomware, a strain operated ...

A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack involving obfuscation, disposable infrastructure and commercial offensive tools.

While software can sync files and folders for you, it's often limited in scope. Learn how a PowerShell script can help you ...

The user had asked for a simple PowerShell script to remove Python pycache folders. Instead, the script ended up deleting the contents of the user’s F: drive, including project files and Docker data.