It then secretly opens powershell.exe, ascertains whether the user is running 32- or 64-bit Windows, and downloads a PowerShell script containing a shellcode. The shellcode is then decrypted and ...

Threat actors on X are exploiting the news around Ross Ulbricht to direct unsuspecting users to a Telegram channel that tricks them into executing PowerShell code that infects them with malware.

A new malware distribution campaign uses fake Google Chrome, Word, and OneDrive errors to trick users into running malicious PowerShell "fixes" that install malware.