Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

Learn how to clean up Active Directory before enabling SAML-based SSO to ensure secure authentication, accurate user mapping, and smooth identity integration.

Iran-linked Dust Specter targeted Iraqi officials using fake ministry lures and new malware families uncovered by Zscaler.

The Sophia Script is an open-source PowerShell module designed to debloat and fine-tune Windows 11 (and Windows 10). It is ...

North Korea-linked ScarCruft’s Ruby Jumper uses Zoho WorkDrive C2 and USB malware to breach air-gapped systems for ...

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

Bulky, assorted files filling up my Downloads folder are no more.

The user had asked for a simple PowerShell script to remove Python pycache folders. Instead, the script ended up deleting the contents of the user’s F: drive, including project files and Docker data.

Amazon is warning that a Russian-speaking hacker used multiple generative AI services as part of a campaign that breached more than 600 FortiGate firewalls across 55 countries in five weeks.

PowerShell cross-platform limitations break Windows-only cmdlets, .NET dependencies, and Windows Forms GUIs on Linux. Dual booting and WinBoat enable Windows PowerShell compatibility but introduce ...

Editor's take: Microsoft is doubling down on its plan to turn Windows 11 into an "agentic AI" platform, and in the process seems determined to strip away the last bits of user agency left in the OS.

PS2EXE installs through the PowerShell Gallery, so you can set it up quickly. Open Windows Terminal or PowerShell as administrator. Run the module installation command: Install-Module -Name PS2EXE ...