description: The following analytic detects the execution of PowerShell scripts containing Base64 encoded content, specifically identifying the use of `FromBase64String`. It leverages PowerShell ...

I switched to WSL 2 and finally stopped feeling locked into Windows — here's why that changes everything.

description: The following analytic identifies suspicious PowerShell execution using Script Block Logging (EventCode 4104). It leverages specific patterns and keywords within the ScriptBlockText field ...

Do you want to start using Python but are stuck on setting up the environment? Many people think, "I want to automate tasks with Python," but get stuck on the initial environment setup and give up. In ...

Microsoft is turning Windows 11 into agent-native at Build 2026, adding local AI models and OS-level security to fix its ...

TL;DR  Introduction  At the start of this year, I wrote a blog on how 2025 was the ‘year of the infostealer’, and it doesn’t ...

Microsoft Threat Intelligence has disclosed details of a cyberattack carried out by a threat actor tracked as Storm-2949, which escalated from a targeted identity compromise into a large-scale breach ...

TIP (Technical Internship Programme) details including status check, eligibility, benefits, premium rates and how to apply ...

I'd like to thank my co-author, Martin Zugec, for his valuable contributions to this report. This intrusion adds three dimensions to the public understanding of Chinese APT activity in contested ...