Operation Magnus: Dutch Police Disrupt 17 Million Device Botnet
Dutch authorities and international partners seize over 1,200 servers to dismantle the infrastructure behind RedLine and Vidar infostealer malware.
Analysis of Cross-Platform NPM Stealer Using Discord Webhooks
Technical teardown of an obfuscated Node.js infostealer targeting Discord tokens, crypto wallets, and browser credentials via cross-platform scripts.
Protecting Identities from Infostealers: Session Hijacking Mitigation
Learn how infostealers like Lumma bypass MFA via session token theft and discover technical strategies for implementing device-bound authentication.
Ukraine Identifies Odesa-Based Infostealer Operator
Ukrainian cyberpolice and US law enforcement identify an 18-year-old in Odesa suspected of compromising 28,000 accounts for dark web monetization.
Shai-Hulud Infostealer Surfaces in Malicious npm Package Campaign
Leaked Shai-Hulud malware is targeting Node.js developers via malicious npm packages, exfiltrating sensitive data and credentials to Telegram-based C2.
Malicious Windows 11 ISOs Deliver Vidar Infostealer — Analysis
Security researchers warn of fake Windows 11 ISO installers delivering Vidar and RedLine infostealers through sophisticated DLL side-loading techniques.
Malicious PyPI Package elementary-data Hijacked for Infostealer
High-profile supply chain attack on the elementary-data PyPI package compromises developer credentials and crypto wallets via account takeover. Patch now.
Python Infostealer Targeting Browser Credentials and Discord Tokens
Technical analysis of a Python-based infostealer leveraging Discord webhooks for exfiltration, targeting browser credentials and session tokens.
Lumma Stealer and Sectop RAT Dual Infection Chain Analysis
Technical breakdown of the Lumma Stealer and Sectop RAT (ArechClient2) infection chain, detailing C2 communication and persistence mechanisms.
Infinity Stealer macOS Malware: Analyzing ClickFix Lures and Payloads
Infinity Stealer targets macOS via ClickFix social engineering. Learn how this Nuitka-compiled malware steals browser data, crypto wallets, and Keychain info.
Backdoored Telnyx PyPI Package Uses Steganography to Deliver Malware
Security researchers discovered malicious versions of the Telnyx PyPI package delivering infostealers via steganography hidden in WAV audio files.
GitHub Malware Campaign: Fake VS Code Alerts Target Developers
Attackers exploit GitHub Discussions to push malware via fake VS Code security alerts. Learn the TTPs used to target developers and how to mitigate risk.