PowerShell can do far more than most users realize. Explore 10 hidden capabilities that save time, improve reporting, and supercharge your workflow.

Microsoft is gearing up for big PowerShell and Windows OpenSSH changes in 2026, but security will come before flashy new features.

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.

North Korea-linked ScarCruft’s Ruby Jumper uses Zoho WorkDrive C2 and USB malware to breach air-gapped systems for ...

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

Who is knocking at the Dohdoor? Digital intruders with possible links to North Korea have been infecting US education and ...

Trojanized gaming tools and new Windows RATs like Steaelite enable data theft, ransomware, and persistent remote control.

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in exploits, defenders might have hoped use of this tactic would decline. They were ...

Windows systems are heading toward a trust-chain maintenance event that’s easy to overlook until it breaks something. Windows 10 and Windows 11 rely on three security certificates that begin expiring ...

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

StealC malware campaign exploits fake CAPTCHA pages to steal sensitive data while blending into normal system activity.

Catch up with this week's Microsoft Weekly news recap about a shakeup at the company's gaming division, some changes to the ...