Exploiting .lnk files is a strategy that has been used for years and still works, says a new report from Forcepoint.
India is being targeted by multiple espionage campaigns delivered by the Pakistan-attributed Transparent Tribe (aka APT36).
When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in ...
A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by ...
CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
Editor's take: Microsoft is doubling down on its plan to turn Windows 11 into an "agentic AI" platform, and in the process seems determined to strip away the last bits of user agency left in the OS.
The flaw, tracked as CVE-2025-9491, allowed cybercriminals to hide malicious commands from users inspecting files through Windows' standard interface. We waited long enough. Microsoft ...
PS2EXE installs through the PowerShell Gallery, so you can set it up quickly. Open Windows Terminal or PowerShell as administrator. Run the module installation command: Install-Module -Name PS2EXE ...
ExtraHop®, a leader in modern network detection and response (NDR), today announced powerful new capabilities to detect the malicious use of PowerShell. These enhancements deliver the critical ...
This story was originally published on Cybersecurity Dive.
Log analysis confirmed the use of iexplore.exe and powershell.exe for HTTP GET requests, indicating potential script-based execution. The file’s hash (f2d0c66b801244c059f636d08a474079) was flagged as ...