Dark Reading

FileFix Attack Chain Enables Malicious Script Execution

A security researcher has discovered a FileFix attack chain that allows a threat actor to execute malicious scripts while bypassing the Mark of the Web (MoTW) protection in Windows. ClickFix is a ...

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
CSOonline

How to log and monitor PowerShell activity for suspicious scripts and commands

Attackers are increasingly abusing sanctioned tools to subvert automated defenses. Tracking your Windows fleet’s PowerShell use — especially consultant workstations — can provide early indications of ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...