In early December 2024, Microsoft Threat Intelligence detected a large-scale malvertising campaign that impacted nearly one million devices globally in an opportunistic attack to steal information. The attack originated from illegal streaming websites embedded with malvertising redirectors, leading to an intermediary website where the user was then redirected to GitHub and two other platforms. The campaign impacted a wide range

Starting in December 2024, leading up to some of the busiest travel days, Microsoft Threat Intelligence identified a phishing campaign that impersonates online travel agency Booking.com and targets organizations in the hospitality industry. The campaign uses a social engineering technique called ClickFix to deliver multiple credential-stealing malware in order to conduct financial fraud and theft. As of February 2025, this

By [Alon Gal] | March 2025 Breaches like Orange, Schneider Electric, and Telefonica often start with a simple infostealer stealing JIRA or Confluence credentials. From there, it’s a straight shot to pulling heaps of data from internal servers. Companies tend to downplay these leaks—“no big deal, just some files”—while the data floats around cybercrime circles, waiting for someone to dig in.

By [Alon Gal] | March 2025 At Infostealers.com, we’ve been sounding the alarm on the infostealer epidemic for years, uncovering how these malware families—like Vidar, Lumma, RedLine, and Raccoon—silently harvest credentials and pave the way for devastating breaches. Backed by Hudson Rock’s threat intelligence, we’ve tracked countless corporate compromises stemming from infected devices. Now, the “2025 Cyber Threat Report” from Huntress,

In recent days, the cybersecurity community has been alarmed by the emergence of a massive data leak known as ALIEN TXTBASE, which was recently indexed on Have I Been Pwned (HIBP). This breach, reportedly containing over 23 billion records, was published on a Telegram channel and claimed to be a collection of Stealer Logs—credentials stolen from malware-infected devices. Our in-depth analysis questions the authenticity and

We scrambled to launch BlackBastaGPT super fast after the latest Black Basta leak hit to get you immediate value. Find it here – www.hudsonrock.com/blackbastagpt This AI chatbot is for threat intelligence researchers, letting you dive into Black Basta’s internal chats to unpack their ops, tactics, cash flow, and humor. It’s raw, real, and pulls straight from the data. Have fun