Infostealer
Curated coverage and analysis in this editorial area.
CryptoBandits: The USB Clipper-Worm That Adds RCE via Tor
Microsoft disclosed an active Windows clipper malware campaign running since February 2026 that uses malicious LNK files distributed v…
The 'robase' Malware Empties Entire Roblox Games: From Hat Theft to Digital Business Seizure
A malware campaign using the Python package 'robase' steals authenticated session tokens from Roblox developers via Discord social eng…
Malicious JetBrains Plugins Steal AI API Keys: 70,000 Downloads
A coordinated campaign of 15 malicious plugins on the JetBrains Marketplace exfiltrates AI API keys from developers' IDEs. Roughly 70,…
The Gentlemen: LLMs Accelerate the Ransomware Attack Cycle
CERT-AGID reveals that The Gentlemen ransomware group uses LLMs to build platforms in three days and customize extortion. Technical cl…
Algorithmic Exploitation: How TikTok and Instagram Reels Amplify Vidar Malware
ReversingLabs research reveals threat actors are using fake Spotify Premium tutorials to distribute the Vidar infostealer via PowerShe…
Child Identity Theft Surges 40%: The Decade-Long 'Shelf Life' of Stolen Minor Data
Data belonging to minors offers fraudsters a ten-year shelf life due to pristine credit scores and delayed detection. The FTC reports…
AI Zero-Days and OT Vulnerabilities: ESET’s May 2026 Security Briefing
Tony Anscombe’s latest roundup highlights critical failures in Polish water plants, Google’s discovery of the first AI-generated zero-…
AI-Directed Attacks and ICS Vulnerabilities: ESET’s Tony Anscombe on DynoWiper and the First AI Zero-Day
In his May 2026 security review, ESET’s Tony Anscombe analyzes a landscape of extremes: from the first AI-generated zero-day and 'AI-d…
FortiClient EMS: EKZ Infostealer May Target VPN Management Channels
CVE-2026-35616 (CVSS 9.8): Compromised FortiClient EMS platforms could be transformed into malware delivery vehicles. Attacks in May 2…
JINX-0164: Potential macOS Malware Campaigns Targeting Crypto Developers via LinkedIn
Threat actor JINX-0164 may be targeting cryptocurrency developers through LinkedIn social engineering, potentially utilizing the AUDIO…
TrapDoor Campaign Targets Crypto and AI Developers via 34+ Malicious Packages
The TrapDoor campaign deployed credential-stealing malware across npm, PyPI, and Crates.io, exfiltrating crypto wallets and weaponizin…
DocketWise Data Breach: 143,480 Impacted via Third-Party Repository Exposure
Legal-tech platform DocketWise has notified 143,480 individuals of a data breach involving cloned third-party repositories. The incide…