Security Feed
  1. Archives

Dec 24 2025 Fake MAS Windows activation domain used to spread PowerShell malware

Source

A typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell scripts that infect Windows systems with the 'Cosmali Loader'. [...]

Posted by Bill Toulas on Wed 24 December 2025 in BleepingComputer.

Tags: Security.

Categories

  1. Ars Technica
  2. AWS Security
  3. BleepingComputer
  4. Brian Krebs
  5. Bruce Schneier
  6. GCP Security
  7. Google Project Zero
  8. The Daily Swig
  9. The Guardian
  10. The Register
  11. Threatpost

Tag cloud

  • Security
  • Uncategorized
  • Security, Identity, & Compliance
  • Security Blog
  • Biz & IT
  • Microsoft
  • Security & Identity
  • AI
  • google
  • CryptoCurrency
  • Announcements
  • Foundational (100)
  • A Little Sunshine
  • Legal
  • Artificial Intelligence
  • privacy
  • Mobile
  • Apple
  • squid
  • Intermediate (200)
  • Advanced (300)
  • Technical How-to
  • hacking
  • The Coming Storm
  • Best Practices

Security Feed. Powered by Pelican and m.css. Code is available on GitLab.