PureLogs Stealer uses fake PDF JavaScript files and Google's Blogger pages in the VEIL#DROP campaign, enabling fileless ...
Securonix uncovers the Veil#Drop malware framework, which abuses compromised websites and Google Blogspot to deploy the PureLog information stealer.
Securonix says PureLogs infection starts with a fake PDF JavaScript file and uses PowerShell, fileless .NET loading, and LOLBins.
North Korean threat actors are escalating the PolinRider supply chain attack across Go, Packagist, and npm package ...
A fileless malware framework has been abusing Google's Blogspot platform to deliver the PureLog Stealer entirely in memory, letting attackers steal credentials while leaving few traces on disk.
StegoAd Microsoft Edge extensions malware affected up to 2.6 million users after the company removed 119 add-ons that hid ...
Microsoft has shut down a long-running malicious extension operation on the Edge Add-ons store that hid its payloads inside ordinary image and font files, then woke up days after install to steal ...
A fileless malware framework is abusing Google’s Blogspot platform to deliver PureLog Stealer directly into computer memory, sharpening concerns that trusted web services are being turned into staging ...
June 19, 2026 update: Microsoft assesses with high confidence that this activity is attributable to Sapphire Sleet, a North Korean state actor that primarily targets the financial sector. The ...
During our recent threat hunting activities, we found EtherRAT malware being distributed by a website with a strange homepage. This homepage allowed us to discover a vast malicious infrastructure ...