ACR Stealer Distributed via Fake Claude AI Desktop Site
Threat actors are distributing ACR Stealer malware through a fraudulent Claude AI desktop application site, targeting browser credentials and crypto wallets.
SHub macOS Infostealer Spoofs Apple Security Updates, Installs Backdoor
A new SHub macOS infostealer variant employs fake Apple security update prompts via AppleScript to install a backdoor, threatening user data and system integrity.
Compromised Checkmarx Jenkins Plugin Spreads Infostealer
Official Checkmarx Jenkins AST plugin version 2023.2.7 was compromised with an infostealer, risking credentials and system data. Immediate uninstallation and credential

Fake OpenAI Privacy Filter Repository Distributes Rust Info-Stealer
A malicious Hugging Face repository impersonating OpenAI's privacy tool reached 244k downloads, delivering a Rust-based information stealer to Windows users.
Claude.ai Malvertising: How Attackers Abuse Shared Chats for macOS Malware
Threat actors are leveraging Google Ads and legitimate Claude.ai shared chats to distribute macOS infostealers, effectively bypassing traditional web filters.
Fake OpenAI Hugging Face Repository Distributes Infostealer Malware
Attackers leveraged a fraudulent OpenAI repository on Hugging Face to distribute infostealers. Learn to detect and mitigate these AI supply chain threats.

Google Chrome ABE Bypass: Heightened Infostealer Threat
VoidStealer Trojan authors bypass Google Chrome's App-Bound Encryption (ABE), enabling infostealers to exfiltrate cookies and credentials from users.
Storm Infostealer: Bypassing Local Decryption for Session Hijacking
Storm infostealer exfiltrates encrypted browser data for server-side decryption, allowing attackers to bypass MFA and hijack active user sessions.
Alleged RedLine Infostealer Admin Extradited to US
US extradites Hambardzum Minasyan, suspected administrator of RedLine Malware, following Operation Magnus. Analysis of RedLine MaaS and defense strategies.

Trivy Supply Chain Attack Targets CI/CD Secrets in DevOps Workflows
A supply chain attack leveraged the Trivy security tool to deploy an infostealer within CI/CD pipelines, compromising cloud credentials and sensitive secrets.
Lumma Stealer Phishing Campaign: Avoiding Copyright Notice Decoys
Phishing campaign targets healthcare and government sectors with copyright infringement decoys to deliver Lumma Stealer via legitimate cloud services.

Trivy Supply Chain Attack: Malicious Docker Hub Images Identified
Attackers hijacked Trivy Docker Hub images (v0.69.4-0.69.6) to distribute infostealers and Kubernetes wipers. Learn how to detect and remediate this threat.