Skip to content
During an incident response investigation on June 3, 2026, Huntress analyst Jevon Ang recovered a PowerShell script from a compromised Windows Server that the attacker had used to map out the victim’s Active Directory environment. The script hadn’t been downloaded from a public repository or pulled from a known offensive toolkit. It was custom-built, almost certainly by prompting an AI model until...
Attacker Used AI to Build Custom PowerShell Recon Malware | Huntaegis