In early December 2024, Microsoft Threat Intelligence detected a large-scale malvertising campaign that impacted nearly one million devices globally in an opportunistic attack to steal
Starting in December 2024, leading up to some of the busiest travel days, Microsoft Threat Intelligence identified a phishing campaign that impersonates online travel agency
By [Alon Gal] | March 2025 Breaches like Orange, Schneider Electric, and Telefonica often start with a simple infostealer stealing JIRA or Confluence credentials. From there,
By [Alon Gal] | March 2025 At Infostealers.com, we’ve been sounding the alarm on the infostealer epidemic for years, uncovering how these malware families—like Vidar, Lumma,
In recent days, the cybersecurity community has been alarmed by the emergence of a massive data leak known as ALIEN TXTBASE, which was recently indexed on Have
We scrambled to launch BlackBastaGPT super fast after the latest Black Basta leak hit to get you immediate value. Find it here – www.hudsonrock.com/blackbastagpt This
By [Alon Gal] | February 2025 Introduction: When National Security Gets Compromised for $10 For years, the U.S. military and its defense contractors have been considered
Hudson Rock has been the go-to source for all things cybersecurity and infosec updates. Be it offering dark web intelligence or finding one’s own data
Cybercriminals are continuously evolving their tactics to exploit human behavior and trust. In one of the latest campaigns, attackers have weaponized fake CAPTCHA verification systems—tools
In December 2024, two critical vulnerabilities in Microsoft’s Windows Lightweight Directory Access Protocol (LDAP) were addressed via Microsoft’s monthly Patch Tuesday release. Both vulnerabilities were deemed as highly significant
Key Takeaways Introduction The increase of fake installers bundled with info stealers is a growing threat for users looking for pirated software. These malicious programs
Introduction Recent research from Halcyon has uncovered a novel approach by a threat actor — referred to as Codefinger — who is actively abusing Amazon Web Services (AWS) by
In December 2024, two critical vulnerabilities in Microsoft’s Windows Lightweight Directory Access Protocol (LDAP) were addressed via Microsoft’s monthly Patch Tuesday release. Both vulnerabilities were deemed as highly significant
Telefonica, a major telecommunications company, recently confirmed a breach in their internal ticketing system, which led to a significant data leak. The breach involved unauthorized
The background and the IOCs for this blog were gathered by an Expert helper on our forums and Malwarebytes researchers. Our thanks go out to
The cybersecurity landscape is rife with challenges, but some threats are quieter, subtler — and deadlier. Info stealers, the silent operators of the malware world,
In a recent campaign, North Korean threat actors have demonstrated a sophisticated approach by copying novel malware distribution techniques, notably those employed in the Clickfix
In this blog, we analyze the evolution of Lumma in 2024, based on the Diamond Model vertices. Disclaimer: Everything stated in this blog is for
Stay informed with the latest insights in our Infostealers weekly report. Explore key findings, trends and data on info-stealing activities.
