Phantom Stealer phishing targets banks with fileless malware and in-memory Windows process injection. The infostealer harvests credentials, cookies, financial data, screenshots, and cryptocurrency ...
Securonix says PureLogs infection starts with a fake PDF JavaScript file and uses PowerShell, fileless .NET loading, and LOLBins.
Armored Likho BusySnake Stealer, a Python-based infostealer first disclosed by Kaspersky, is actively targeting government ...
Kaspersky says the attacks use phishing, GitHub-hosted payloads, CVE-2025-9491 LNK abuse, and Go2Tunnel-based tunneling.
Microsoft has attributed a recent Mastra AI supply chain attack that compromised more than 140 npm packages to the North Korean hacking group Sapphire Sleet, also known as BlueNoroff. This attribution ...
Armored Likho, a new APT group using AI-generated malware and the BusySnake Stealer to target government agencies and power ...
description: The following analytic detects the execution of PowerShell scripts containing Base64 encoded content, specifically identifying the use of `FromBase64String`. It leverages PowerShell ...
Microsoft Threat Intelligence has identified an active multi-stage intrusion campaign targeting organizations in the hospitality and hotel industry since April 2026. We’ve observed this activity ...
Microsoft Threat Intelligence and Microsoft Defender Experts identified a Windows-based cryptocurrency clipper that has affected users since February of 2026. Clipper malware relies on stealing ...
A fileless malware framework is abusing Google’s Blogspot platform to deliver PureLog Stealer directly into computer memory, sharpening concerns that trusted web services are being turned into staging ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results