Microsoft

WhatsApp malware campaign delivers VBScript and MSI backdoors

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...
Bleeping Computer

WhatsApp for Windows lets Python, PHP scripts execute with no warning

A security issue in the latest version of WhatsApp for Windows allows sending Python and PHP attachments that are executed without any warning when the recipient opens them. For the attack to be ...
CSO Online

WhatsApp malware campaign uses malicious VBS files to gain persistent access

The attack chain relies on delayed execution, trusted Windows utilities, and legitimate hosting services to maintain ...
Dark Reading

FileFix Attack Chain Enables Malicious Script Execution

A security researcher has discovered a FileFix attack chain that allows a threat actor to execute malicious scripts while bypassing the Mark of the Web (MoTW) protection in Windows. ClickFix is a ...
CSOonline

How to log and monitor PowerShell activity for suspicious scripts and commands

Attackers are increasingly abusing sanctioned tools to subvert automated defenses. Tracking your Windows fleet’s PowerShell use — especially consultant workstations — can provide early indications of ...