New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.
Windows Report

Exchange Online PowerShell Drops -Credential Support as MFA Push Continues

Microsoft will remove the -Credential parameter from Exchange Online PowerShell by June 2026, forcing admins to adopt MFA.
GitHub

PowerShell Crescendo

Crescendo is a development accelerator enabling you to rapidly build PowerShell cmdlets that leverage existing command-line tools. Crescendo amplifies the command-line experience of the original tool ...
GitHub

PowerShell Module and Framework

DISCLAIMER: Features exposed through these tools are not supported by Microsoft. Improper use might cause irreversible damage to domain controllers or negatively impact domain security. I have created ...