Threats that abuse PowerShell continue to increase as attackers find ways to abuse it to deliver banking trojansbackdoorsransomware, and cryptocurrency-mining malware, and, more recently, fileless malware and malicious Windows Management Instrumentation (WMI) entries. Indeed, PowerShell’s flexibility and capabilities make it a potent tool in cybercriminal hands. For instance, it can be abused to facilitate exploits, lateral movementwithin the compromised network, and persistence.