Microsoft’s aging “mshta.exe” utility, a leftover component from Internet Explorer, is still being actively abused in modern malware campaigns years after the browser itself was retired. According to ...

Bitdefender security researchers have discovered that attackers continue to exploit Microsoft HTML Application Host (MSHTA), a legacy utility available by default on Windows systems that can execute ...

Attackers are increasingly abusing Microsoft’s decades-old MSHTA utility to stealthily deliver stealers, loaders, and persistent malware through phishing, fake software downloads, and LOLBIN-based ...

If you are setting up a new PC with Windows 11 version 24H2 (2024 Update) or later, developers may not find the VBScript installed after installation, as Microsoft does not install it by default now.

Microsoft Defender Experts observed a campaign beginning in late February 2026 that uses WhatsApp messages to deliver malicious Visual Basic Script (VBS) files. Once executed, these scripts initiate a ...

This is the collection of the Javascript / JScript extensions and standalone scripts. It consists of the original scripts by myself and other authors with proper credits. Years ago I invented a simple ...

WTF?! It's an email scam as old as the Nigerian prince asking for money: someone claiming they hacked your webcam and have recorded you in an act of self-pleasure. Unless you pay up, the video will be ...

Since October 2024, Microsoft Defender Experts (DEX) has observed and helped multiple customers address campaigns leveraging Node.js to deliver malware and other payloads that ultimately lead to ...

Threat actors have used generative artificial intelligence (GenAI) to write malicious code in the wild to spread an open source remote access Trojan (RAT). It's one of the first observed examples of ...

In an email campaign targeting French users, researchers discovered malicious code believed to have been created with the help of generative artificial intelligence services to deliver the AsyncRAT ...