EUVD-2018-19873

Malware in sbrugna...

EUVD-2025-27373

Malicious code in bioql PyPI...

BIT-POWERSHELL-2025-49734 PowerShell Direct Elevation of Privilege Vulnerability

Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally...

nishang

This repository is an offensive tool for Windows systems. It contains a collection of PowerShell scripts that can be used to exploit various vulnerabilities and gain unauthorized access to a system. The scripts are designed to be used by attackers to gain a foothold on a system and then escalate...

PowerSploit

This is an offensive tool for Windows PowerShell exploitation. It is a collection of PowerShell scripts that can be used to exploit vulnerabilities in Windows systems. The repository contains several modules, including AntivirusBypass and CodeExecution, which provide various functions for bypassi...

CVE-2025-49734

Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally...

CVE-2025-49734

Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally...

PowerShell Direct Elevation of Privilege Vulnerability

Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally...

PT-2025-36818

Name of the Vulnerable Software and Affected Versions: Windows PowerShell affected versions not specified Description: An improper restriction of communication channel to intended endpoints in Windows PowerShell allows a local attacker to elevate privileges. This issue allows attackers to affect...

KB5066359—Security Update for Windows PowerShell (Hotpatch)

KB5066359—Security Update for Windows PowerShell Hotpatch Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if...

Think before you Click(Fix): Analyzing the ClickFix social engineering technique

Over the past year, Microsoft Threat Intelligence and Microsoft Defender Experts have observed the ClickFix social engineering technique growing in popularity, with campaigns targeting thousands of enterprise and end-user devices globally every day. Since early 2024, we’ve helped multiple custome...

Microsoft Windows - Storage QoS Filter Driver Checker

Titles: Microsoft Windows - Storage QoS Filter Driver Checker Author: nu11secur1ty Date: 08/04/2025 Vendor: Microsoft Software: https://www.microsoft.com/en-us/software-download/windows11 Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49730 Description This PowerShell...

Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware

The Russia-linked threat actor known as COLDRIVER has been observed distributing a new malware called LOSTKEYS as part of an espionage-focused campaign using ClickFix-like social engineering lures. "LOSTKEYS is capable of stealing files from a hard-coded list of extensions and directories, along...

This Windows PowerShell Phish Has Scary Potential

ManyGitHub users this week received a novel phishing email warning of critical security holes in their code. Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing...

OneDrive Pastejacking

OneDrive Pastejacking: The crafty phishing and downloader campaign By Rafael Pena · July 29, 2024 Over the past few weeks, the Trellix Advanced Research Center has observed a sophisticated Phishing/downloader campaign targeting Microsoft OneDrive users. This campaign heavily relies on social...

PT-2024-5474 · Microsoft · Windows Powershell +1

Name of the Vulnerable Software and Affected Versions: Windows PowerShell affected versions not specified Description: The vulnerability is related to insufficient input validation in the Windows PowerShell command-line shell. It allows an attacker to elevate their privileges. The issue may be...

PT-2024-5472 · Microsoft · Windows Powershell +1

Name of the Vulnerable Software and Affected Versions: Windows PowerShell affected versions not specified Description: The issue is related to insufficient input validation in the Windows operating system's PowerShell command-line shell. It allows an attacker to elevate their privileges. There is...

PT-2024-5473 · Microsoft · Windows Powershell +1

Name of the Vulnerable Software and Affected Versions: Windows PowerShell affected versions not specified Description: The vulnerability is related to insufficient input validation in the Windows PowerShell command-line shell. It allows an attacker to elevate their privileges. The issue can be...

Microsoft Windows PowerShell Security Vulnerability

Microsoft Windows PowerShell is a command line shell program and scripting environment from Microsoft Corporation USA that enables command line users and script writers to take advantage of the power of . A security vulnerability exists in Microsoft Windows PowerShell. An attacker could exploit t...

Microsoft Windows PowerShell Code Execution / Event Log Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WINDOWSPOWERSHELLSINGLEQUOTECODEEXECEVENTLOGBYPASS.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Microsoft Windows PowerShell Built on the...