Preview image for a blog post

BusySnake: A Coiled Threat to Global Critical Infrastructure

Armored Likho deploys BusySnake infostealer against critical infrastructure in Russia, Brazil, Kazakhstan.
Preview image for a blog post

Djinn Stealer: Exploiting CVE-2026-48558 to Harvest Cloud & AI Credentials

Djinn Stealer leverages CVE-2026-48558 in SimpleHelp, targeting cloud and AI credentials, posing a critical threat to enterprise security.
Preview image for a blog post

Arch Linux Under Siege: Over 400 AUR Packages Hijacked with Rust Infostealer and eBPF Rootkit

Over 400 Arch Linux AUR packages were hijacked to deploy a Rust infostealer and eBPF rootkit, targeting developer secrets and system stealth.
Preview image for a blog post

Critical Endpoint Vulnerabilities Exploited: Infostealers via FortiClient EMS, Trend Micro Apex One Under Siege

Analysis of critical FortiClient EMS and Trend Micro Apex One flaws exploited to drop infostealers, emphasizing advanced threat actor TTPs.
Preview image for a blog post

PureLogs Infostealer: Unmasking the Global Credential Exfiltration Campaign via Steganography

PureLogs infostealer is globally exfiltrating credentials, employing steganography in cat photos and phishing to bypass defenses.
Preview image for a blog post

Vidar Stealer 2.0: Weaponizing GitHub & Reddit for Advanced Infostealer Delivery via Fake Game Cheats

Highly technical analysis of Vidar Stealer 2.0's new tactics, exploiting GitHub and Reddit with fake game cheats.
Preview image for a blog post

SmartLoader Unleashes StealC: Trojanized Oura MCP Server Fuels Next-Gen Infostealer Campaign

SmartLoader campaign uses a trojanized Oura MCP server to deploy StealC infostealer, targeting sensitive health data and credentials.
Preview image for a blog post

Infostealer Exfiltrates OpenClaw AI Agent Configurations and Gateway Tokens: A New Era of AI Identity Theft

Infostealers now target OpenClaw AI agent configurations and gateway tokens, marking a critical shift in cyber threat evolution.