Ars Technica

Execute shell scripts via Safari (new exploit vector)

Well, here we go boys and girls.<BR><BR>Of course, you're not running as Administrator, so this isn't a problem for you, right? And you were probably smart enough to uncheck the <B>Open "Safe" files ...
The Hacker News

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

ClickFix uses fake CAPTCHAs and a signed Microsoft App-V script to deploy Amatera stealer on enterprise Windows systems.
Computer Weekly

Fileless attacks surge as hackers exploit PowerShell scripts

The latest quarterly threat report from McAfee noted a fourfold increase in fileless hacking attacks utilising Microsoft PowerShell scripts. PowerShell is used mainly to automate administration tasks, ...