Advertisement
2025 Identity Threat Report: Analyzing the Infostealer Economy
Recorded Future's 2025 Identity Threat Landscape Report examines how infostealer malware and session cookie theft drive the modern credential threat economy.
Phishing Credential Exfiltration via EmailJS and React Frameworks
Security analysis of a sophisticated React-based phishing kit that leverages the EmailJS service for stealthy exfiltration of user credentials.
FortiGate NGFW Exploitation Leads to Service Account Credential Theft
Threat actors are exploiting FortiGate devices to extract configuration files and steal service account credentials, facilitating lateral movement in networks.
LastPass Phishing Campaign Targets Master Passwords via Fake Alerts
LastPass warns of a new phishing campaign using fraudulent security alerts to steal master passwords. Learn how to identify and mitigate these vault threats.
Canadian Tire Data Breach Impacts 38 Million Accounts
Canadian Tire confirms a massive data breach affecting 38 million customer accounts, exposing PII and encrypted passwords. Analysis of security risks.
Malicious StripeApi.Net NuGet Package Targets Financial API Tokens
Researchers identify a typosquatting NuGet package, StripeApi.Net, designed to mimic official Stripe libraries and exfiltrate sensitive financial API keys.
Starkiller Phishing-as-a-Service: Technical Analysis of Adversary-in-the-Middle Frameworks
An examination of the Starkiller phishing platform, which employs transparent reverse proxy techniques to relay authentication traffic and capture multi-factor authentication (MFA) tokens in real-time.
Arkanix Stealer: Analysis of AI-Assisted Infostealer Development Patterns
A technical evaluation of the Arkanix Stealer operation, highlighting its AI-driven code characteristics and credential-harvesting capabilities.