Ever since the introduction of PowerShell v5, there have been less usage of the application specifically among threat actors, penetration testers and red teamers.
This is because PowerShell v5 introduced PowerShell security logging which allows Blue teams with additional options to prevent powershell based threats.
https://cybersecuritynews.com/scriptblo ... -security/