“The phishing page includes an “Open File Explorer” button that, when clicked, launches File Explorer through the file upload functionality and copies the PowerShell command to the clipboard ...