Advertisement

Djinn Stealer Targets Cloud & AI Credentials via SimpleHelp CVE-2026-48558
Analysis of Djinn Stealer, an infostealer delivered via critical SimpleHelp CVE-2026-48558, targeting cloud and AI development credentials.
Lumma Stealer Distributed via Fake EditPro AI Image Generator
Threat actors are leveraging a fake AI image generator website to distribute Lumma Stealer malware targeting both Windows and macOS systems.

400+ Arch Linux AUR Packages Hijacked: eBPF Rootkit and Infostealer
Attackers compromised over 400 Arch User Repository (AUR) packages to deploy Rust-based infostealers and eBPF rootkits, targeting developer credentials.
AUR Compromise: 400+ Packages Distributing Rootkits and Infostealers
Over 400 Arch User Repository (AUR) packages compromised to deploy Linux rootkits and harvest credentials, tokens, and sensitive developer data.
ACR Stealer Distributed via Fake Claude AI Desktop Site
Threat actors are distributing ACR Stealer malware through a fraudulent Claude AI desktop application site, targeting browser credentials and crypto wallets.
SHub macOS Infostealer Spoofs Apple Security Updates, Installs Backdoor
A new SHub macOS infostealer variant employs fake Apple security update prompts via AppleScript to install a backdoor, threatening user data and system integrity.
Compromised Checkmarx Jenkins Plugin Spreads Infostealer
Official Checkmarx Jenkins AST plugin version 2023.2.7 was compromised with an infostealer, risking credentials and system data. Immediate uninstallation and credential

Fake OpenAI Privacy Filter Repository Distributes Rust Info-Stealer
A malicious Hugging Face repository impersonating OpenAI's privacy tool reached 244k downloads, delivering a Rust-based information stealer to Windows users.
Claude.ai Malvertising: How Attackers Abuse Shared Chats for macOS Malware
Threat actors are leveraging Google Ads and legitimate Claude.ai shared chats to distribute macOS infostealers, effectively bypassing traditional web filters.
Fake OpenAI Hugging Face Repository Distributes Infostealer Malware
Attackers leveraged a fraudulent OpenAI repository on Hugging Face to distribute infostealers. Learn to detect and mitigate these AI supply chain threats.

Google Chrome ABE Bypass: Heightened Infostealer Threat
VoidStealer Trojan authors bypass Google Chrome's App-Bound Encryption (ABE), enabling infostealers to exfiltrate cookies and credentials from users.
Storm Infostealer: Bypassing Local Decryption for Session Hijacking
Storm infostealer exfiltrates encrypted browser data for server-side decryption, allowing attackers to bypass MFA and hijack active user sessions.