Tag: infostealer

Malware Threats Roundup: Active AI Framework Exploitation, New macOS Stealers, and Browser Supply Chain Attacks

CISA confirmed active exploitation of a critical Langflow AI framework vulnerability, prompting emergency patches. Meanwhile, new macOS infostealers are using fake CAPTCHA tricks and browser extensions are being weaponized for supply chain surveillance attacks.

Mar 27, 2026BleepingComputer, Graham Cluley, Cisco Talos, Malwarebytes Labs

langflowcve-2026-33017macos-malware

🇨🇳Hikvision🇨🇳TP-Link

mediumData Breaches & Incidents

ClickFix Campaign Evolution: Drive Mapping, VPN Spoofing, and Developer-Targeted Attacks

Security researchers have identified an evolution in ClickFix social engineering attacks, with new variants mapping attacker-controlled network drives, Storm-2561 using fake Fortinet/Ivanti VPN sites to distribute Hyrax infostealer, and MacSync malware targeting developers via fraudulent Claude AI extensions.

Mar 18, 2026Hackread

clickfixsocial-engineeringinfostealer

🇺🇸Google

highIndustry & Policy

Credential Theft Surge, Ransomware Evolution, and AI Security Risks Shape Threat Landscape

Threat actors are increasingly relying on stolen credentials rather than traditional exploitation, while ransomware groups adapt to lower payment rates by changing tools and tactics. Meanwhile, new attack vectors targeting AI development environments and mobile payment systems highlight expanding attack surfaces.

Mar 18, 2026Dark Reading, Infosecurity Magazine

credential-theftransomwareinfostealer

🇷🇺Inception

🇺🇸Reddit

highData Breaches & Incidents

Data Breach Roundup: AI Service Secrets Surge 81% on GitHub, Steam Games Hide Wallet Drainers, AWS Bedrock Leak Risk

GitGuardian reports 29 million secrets exposed on GitHub with an 81% surge in AI service leaks, while researchers discover data leak risks in AWS Bedrock AI tools. Meanwhile, the FBI investigates Steam games distributing malware that drained cryptocurrency wallets, and new phishing campaigns use real-time chat to impersonate major brands.

Mar 17, 2026Hackread, Troy Hunt

github-leaksai-securityinfostealer

🇺🇸Reddit🇺🇸Amazon

highNation-State & APT

Nation-State Activity Roundup: Iranian APT Evolution, Russian Backdoors, and Cross-Platform Social Engineering

Nation-state actors are diversifying their attack methods, with Iranian groups adopting AI-enhanced malware and identity weaponization, Russian APTs deploying the DRILLAPP backdoor against Ukrainian targets, and social engineering campaigns compromising German intelligence officials' encrypted communications.

Mar 17, 2026Security Affairs, Palo Alto Unit 42

aptnation-stateiran

highMalware & Threats

Malware Roundup: Healthcare Breach Hits 3.4M, CISA Orders iOS Patches, Phishing Kit Takedown

TriZetto suffered a breach exposing 3.4 million patient records while CISA ordered federal agencies to patch three iOS vulnerabilities actively exploited in crypto-theft attacks. Law enforcement successfully dismantled the Tycoon 2FA phishing-as-a-service platform that enabled MFA bypass attacks.

Mar 7, 2026BleepingComputer, Graham Cluley, Malwarebytes Labs

healthcare-breachios-vulnerabilitiesphishing-kit

🇺🇸Google🇺🇸Apple

highNation-State & APT

APT Threat Roundup: AI-Assisted Malware, Healthcare Ransomware, and Cryptojacking Campaigns

Multiple threat developments this week include Everest ransomware compromising healthcare data of 140,000 patients, experimental AI-assisted info-stealers, and sophisticated cryptojacking campaigns using BYOVD techniques. CrowdStrike's annual threat report highlights AI adoption among adversaries.

Feb 24, 2026Security Affairs, The Record, CrowdStrike

ransomwareinfostealercryptojacking

mediumMalware & Threats

ClickFix Campaign Expands to Target Cryptocurrency Wallets and 25+ Browsers

CyberProof researchers document ClickFix operation's expansion into cryptocurrency theft, using fake captchas to deploy infostealers across 25+ browsers and MetaMask wallets.

Feb 22, 2026Hackread

infostealerclickfixcryptocurrency

criticalMalware & Threats

Malware Roundup: 651 Cybercriminals Arrested, New Android Banking Trojan, Critical CCTV Flaw

Major cybercrime arrests across Africa, new Android banking malware targeting Europe, critical CCTV vulnerabilities, and emerging infostealer campaigns dominate this week's threat landscape.

Feb 19, 2026BleepingComputer, Graham Cluley, Malwarebytes Labs, SecureList (Kaspersky)

malwarebanking-trojanandroid

🇺🇸Meta Platforms

mediumMalware & Threats

Hudson Rock Warns: Infostealers Weaponize OpenClaw Configurations

Hudson Rock researchers warn that infostealers are targeting OpenClaw configuration files to steal victim credentials and digital assets.

Feb 17, 2026Infosecurity Magazine

infostealeropenclawcredential-theft

mediumNation-State & APT

Threat Roundup: AI Agent Targeting, Dark Web Data Sales, and Encrypted Messaging Evolution

New infostealer targets AI agent configs, Eurail data surfaces on dark web markets, Apple advances encrypted RCS messaging.

Feb 17, 2026Security Affairs

infostealerai-agentsopenclaw

🇺🇸Apple

highVulnerabilities & Exploits

Threat Roundup: AI Agent Theft, Password Manager Flaws, Chrome Zero-Day Under Active Attack

Critical week covering AI agent configuration theft, password manager vulnerabilities, active Chrome zero-day exploitation, and emerging mobile spyware platforms.

Feb 17, 2026The Hacker News, SANS ISC

infostealerpassword-managerschrome-zero-day

🇦🇪Telegram🇺🇸Google