New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.
Bleeping Computer

ViperSoftX malware covertly runs PowerShell using AutoIT scripting

The latest variants of the ViperSoftX info-stealing malware use the common language runtime (CLR) to load and execute PowerShell commands within AutoIt scripts to evade detection. CLR is a key ...
Infosecurity-magazine.com

Walmart Discovers New PowerShell Backdoor Linked to Zloader Malware

An unknown PowerShell backdoor has been discovered alongside a new variant of the Zloader/SilentNight malware, Walmart’s Cyber Intelligence Team has reported. The PowerShell backdoor has been ...