Identity & Access Infostealers Turn Millions of Devices Into Credential Theft Machines As attackers increasingly favor stolen credentials over exploits, infostealers have become a primary source of access for ransomware and other cybercrime operations. Kevin TownsendJune 10, 2026
Malware & Threats Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs The infection chain includes a fake CAPTCHA page, a Bash script, a Nuitka loader, and the Python-based infostealer. Ionut ArghireMarch 28, 2026
Malware & Threats Iranian Hackers Likely Used Malware-Stolen Credentials in Stryker Breach The medtech giant has been working on restoring systems affected by the cyberattack conducted by the Handala hackers. Eduard KovacsMarch 18, 2026
Cybercrime Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea The 2024 incident was initially linked to China, but an infostealer infection has now revealed North Korean involvement. Eduard KovacsMarch 12, 2026
Malware & Threats Cloned AI Tool Sites Distribute Malware in ‘InstallFix’ Campaign Threat actors replace legitimate commands on the cloned installation webpages with malicious commands. Ionut ArghireMarch 9, 2026
Malware & Threats Over 100 GitHub Repositories Distributing BoryptGrab Stealer The malware targets browser and cryptocurrency wallet data, along with system information and user files. Ionut ArghireMarch 7, 2026
Malware & Threats ‘Arkanix Stealer’ Malware Disappears Shortly After Debut Written in C++ and Python, the malware exfiltrates system information, browser data, and steals files. Ionut ArghireFebruary 24, 2026
Malware & Threats ‘SolyxImmortal’ Information Stealer Emerges The information stealer abuses legitimate APIs and libraries to exfiltrate data to Discord webhooks. Ionut ArghireJanuary 19, 2026
Data Breaches Dozens of Major Data Breaches Linked to Single Threat Actor The initial access broker (IAB) relies on credentials exfiltrated using information stealers to hack organizations. Ionut ArghireJanuary 6, 2026
Malware & Threats Infostealer Malware Delivered in EmEditor Supply Chain Attack The ‘download’ button on the official EmEditor website served a malicious installer. Eduard KovacsDecember 29, 2025
Malware & Threats MacSync macOS Malware Distributed via Signed Swift Application A recent MacSync Stealer version no longer requires users to directly interact with the terminal for execution. Ionut ArghireDecember 22, 2025
Tracking & Law Enforcement 1,000+ Servers Hit in Law Enforcement Takedown of Rhadamanthys, VenomRAT, Elysium An individual believed to have been involved in the operation of VenomRAT was arrested recently in Greece. Eduard KovacsNovember 13, 2025
Data Breaches Nikkei Says 17,000 Impacted by Data Breach Stemming From Slack Account Hack The Japanese media giant says compromised Slack credentials were used to steal employee and business partner information. Eduard KovacsNovember 5, 2025
Malware & Threats Open VSX Downplays Impact From GlassWorm Campaign Open VSX fully contained the GlassWorm attacks and says it was not a self-replicating worm in the traditional sense. Ionut ArghireOctober 31, 2025
Malware & Threats 136 NPM Packages Delivering Infostealers Downloaded 100,000 Times The packages deployed malicious code harvesting system information, credentials, tokens, API keys, and other sensitive information. Ionut ArghireOctober 30, 2025
Data Breaches Cybercriminals Trade 183 Million Stolen Credentials on Telegram, Dark Forums The email addresses were pulled from various sources and 16.4 million of them were not present in previous data breaches. Ionut ArghireOctober 28, 2025
Malware & Threats Lumma Stealer Activity Drops After Doxxing The identities of alleged core members of the Lumma Stealer group were exposed in an underground doxxing campaign. Ionut ArghireOctober 20, 2025
Malware & Threats Widespread Infostealer Campaign Targeting macOS Users Threat actors rely on malicious GitHub repositories to infect LastPass’s macOS users with the Atomic infostealer. Ionut ArghireSeptember 22, 2025
Malware & Threats Infostealers: The Silent Smash-and-Grab Driving Modern Cybercrime Competition among malware-as-a-service developers has transformed infostealers into refined, accessible tools for cybercriminals worldwide. Kevin TownsendAugust 27, 2025
Malware & Threats SonicWall Warns of Trojanized NetExtender Stealing User Information SonicWall says a modified version of the legitimate NetExtender application contains information-stealing code. Ionut ArghireJune 25, 2025