TrendingTopic

Living-off-the-land tradecraft and PowerShell-heavy intrusions

April 3, 2026The Hacker News, The DFIR Report

The Hacker News and The DFIR Report emphasize attackers blending in by using built-in tools like PowerShell and WMIC, with recent cases showing PowerShell backdoors and discovery commands that look normal in enterprise telemetry.

Open in PulseSee the full expert discussion →

QUOTES

Cyberattacks are shifting away from malware.

84% now use built-in tools like PowerShell and WMIC

Execution: Encrypted PowerShell backdoor

Discovery: PowerShell Cmdlets, WMI, and whoami

VOICES

The Hacker News

The DFIR Report

RELATED TERMS

lolbinspowershelldetection

OTHER FINDINGS IN TRENDING

LiteLLM PyPI supply chain compromise Dark web breach and ransomware incident reporting Axios NPM supply chain compromise attributed to DPRK UNC1069

AMYGDALA PULSE

See what experts are saying right now

This finding is one of many signals tracked across Cyber Security. The live feed updates every few hours with new expert voices, debates, and emerging ideas.

Open Cyber Security Pulse Browse all topics

← Back to Cyber Security