Krebs on Security

This Windows PowerShell Phish Has Scary Potential

Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who clicked the link for details were asked to distinguish themselves from bots by ...

Fake MAS Windows activation domain used to spread PowerShell malware

A typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell ...
Virtualization Review

Microsoft Security Best Practice: Clean Up Active Directory Accounts with PowerShell

Why use third-party security tools for Active Directory account cleanups when the ubiquitous PowerShell serves just as well? In a presentation of Microsoft security best practices, 21-time Microsoft ...
Dark Reading

PowerShell Gallery Prone to Typosquatting, Other Supply Chain Attacks

Microsoft's PowerShell Gallery presents a software supply chain risk because of its relatively weak protections against attackers who want to upload malicious packages to the online repository, ...