infostealer

Infostealers Turn Millions of Devices Into Credential Theft Machines

2026-06-10 at 17:24, by Kevin Townsend. As attackers increasingly favor stolen credentials over exploits, infostealers have become a primary source of access for ransomware and other cybercrime operations. Source: SecurityWeek.

Operation HumanitarianBait: An Infostealer Campaign in Disguise

2026-05-07 at 12:41, by rohansinhacyblecom. Executive Summary: Cyble Research and Intelligence Labs (CRIL) has uncovered a targeted cyberespionage campaign leveraging social engineering and trusted infrastructure to establish persistent, covert access to victim systems. The attack is delivered via phishing emails containing a malicious LNK file disguised within a

Professional Networks Under Attack: Vietnam-Linked Actors Deploy PXA Stealer in Global Infostealer Campaign

2026-03-30 at 18:31, by rohansinhacyblecom. Executive Summary: CRIL has been actively tracking a surge in PXA Stealer activity deployed in a sophisticated, financially motivated threat campaign attributed with high confidence to a Vietnam-based cybercriminal group. The primary targets in this campaign are

Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs

2026-03-28 at 15:40, by Ionut Arghire. The infection chain includes a fake CAPTCHA page, a Bash script, a Nuitka loader, and the Python-based infostealer. Source: SecurityWeek.

Iranian Hackers Likely Used Malware-Stolen Credentials in Stryker Breach

2026-03-18 at 14:49, by Eduard Kovacs. The medtech giant has been working on restoring systems affected by the cyberattack conducted by the Handala hackers. Source: SecurityWeek.

AI-Assisted Phishing Campaign Exploits Browser Permissions to Capture Victim Data

2026-03-16 at 08:24, by rohansinhacyblecom. Executive Summary: Cyble Research & Intelligence Labs (CRIL) has identified a widespread, highly active social engineering campaign hosted primarily on edgeone.app infrastructure. The initial access vectors are diverse — ranging from “ID Scanner,” and “Telegram ID Freezing,” to “Health Fund

Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea

2026-03-12 at 11:48, by Eduard Kovacs. The 2024 incident was initially linked to China, but an infostealer infection has now revealed North Korean involvement. Source: SecurityWeek.

Cloned AI Tool Sites Distribute Malware in ‘InstallFix’ Campaign

2026-03-09 at 13:50, by Ionut Arghire. Threat actors replace legitimate commands on the cloned installation webpages with malicious commands. Source: SecurityWeek.

Over 100 GitHub Repositories Distributing BoryptGrab Stealer

2026-03-07 at 14:46, by Ionut Arghire. The malware targets browser and cryptocurrency wallet data, along with system information and user files. Source: SecurityWeek.

ClipXDaemon: Autonomous X11 Clipboard Hijacker Delivered via Bincrypter-Based Loader

2026-03-05 at 14:27, by rohansinhacyblecom. Executive Summary: In early February 2026, Cyble Research & Intelligence Labs (CRIL) identified a new Linux malware strain delivered through a loader structure previously associated with ShadowHS activity. While ShadowHS samples deployed post-exploitation tooling, the newly observed payload is operationally different.

‘Arkanix Stealer’ Malware Disappears Shortly After Debut

2026-02-24 at 17:53, by Ionut Arghire. Written in C++ and Python, the malware exfiltrates system information, browser data, and steals files. Source: SecurityWeek.

‘SolyxImmortal’ Information Stealer Emerges

2026-01-19 at 17:21, by Ionut Arghire. The information stealer abuses legitimate APIs and libraries to exfiltrate data to Discord webhooks. Source: SecurityWeek.

Dozens of Major Data Breaches Linked to Single Threat Actor

2026-01-06 at 14:32, by Ionut Arghire. The initial access broker (IAB) relies on credentials exfiltrated using information stealers to hack organizations. Source: SecurityWeek.

Infostealer Malware Delivered in EmEditor Supply Chain Attack

2025-12-29 at 13:40, by Eduard Kovacs. The ‘download’ button on the official EmEditor website served a malicious installer. Source: SecurityWeek.

MacSync macOS Malware Distributed via Signed Swift Application

2025-12-22 at 15:00, by Ionut Arghire. A recent MacSync Stealer version no longer requires users to directly interact with the terminal for execution. Source: SecurityWeek.

1,000+ Servers Hit in Law Enforcement Takedown of Rhadamanthys, VenomRAT, Elysium

2025-11-13 at 17:50, by Eduard Kovacs. An individual believed to have been involved in the operation of VenomRAT was arrested recently in Greece. Source: SecurityWeek.

Open VSX Downplays Impact From GlassWorm Campaign

2025-10-31 at 19:32, by Ionut Arghire. Open VSX fully contained the GlassWorm attacks and says it was not a self-replicating worm in the traditional sense. Source: SecurityWeek.

136 NPM Packages Delivering Infostealers Downloaded 100,000 Times

2025-10-30 at 12:59, by Ionut Arghire. The packages deployed malicious code harvesting system information, credentials, tokens, API keys, and other sensitive information. Source: SecurityWeek.

Cybercriminals Trade 183 Million Stolen Credentials on Telegram, Dark Forums

2025-10-28 at 15:11, by Ionut Arghire. The email addresses were pulled from various sources and 16.4 million of them were not present in previous data breaches. Source: SecurityWeek.

Lumma Stealer Activity Drops After Doxxing

2025-10-20 at 16:07, by Ionut Arghire. The identities of alleged core members of the Lumma Stealer group were exposed in an underground doxxing campaign. Source: SecurityWeek.
