DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...

Microsoft is preparing a major Windows 11 reliability update for May 2026 with improvements across File Explorer, ...

UAT-10362 spear-phishing targets Taiwanese NGOs in October 2025, deploying LucidRook malware for data exfiltration and ...

This repository contains PowerShell and Bash automation scripts designed specifically for RMM environments. All scripts follow the Limehawk Script Framework, ensuring consistency, reliability, and ...

# Run create-custom-winpe-wim.ps1 before running this script. # Requires Windows ADK and WinPE add-on installed. #Requires -RunAsAdministrator #Requires -Version 5.1 ...

The multi-stage campaign targeting South Korea uses weaponized Windows shortcuts and GitHub-based command and control to ...

What looked like a nuisance adware issue inside managed IT environments has emerged as a broader cyber-security warning, after Huntress said software signed by Dragon Boss Solutions LLC exposed more ...

A new malware family named 'AgingFly' has been identified in attacks against local governments and hospitals that steal ...

Microsoft has deprecated and removed the Support and Recovery Assistant (SaRA) command-line utility from all in-support ...

Attackers are exploiting trust in Adobe’s brand to deliver covert remote access, using a fake Acrobat Reader download page to install ConnectWise ScreenConnect through a fileless, memory-heavy attack ...

CERT-UA links the AgingFly credential-stealing campaign to phishing, browser theft, and modular remote access.

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...