Tag: powershell
All the articles with the tag "powershell".
- TAMECAT: APT42's New PowerShell Backdoor Targeting Military and Government Officials
  Technical analysis of the Iranian APT42 group's TAMECAT PowerShell backdoor, featuring fileless execution, Telegram-based C2 channels, multi-layer AES encryption evasion, and VBScript phishing delivery mechanisms targeting high-value military and government personnel.
- North Korea-Linked Hackers Use GitHub as C2 Infrastructure to Attack South Korea
  FortiGuard Labs has uncovered a new campaign by the North Korea-linked Kimsuky group using GitHub as Command-and-Control infrastructure. The multi-stage attack begins with phishing LNK files, employs heavy anti-VM and anti-analysis techniques, establishes persistence via scheduled tasks, and exfiltrates data to attacker-controlled GitHub repositories.