< ciso
brief />
Tag Banner

All news with #infostealer tag

369 articles · page 6 of 19

TeamPCP Supply Chain Attack Compromises Security Tools

⚠️ Unit 42 describes a multi-stage supply chain campaign by TeamPCP that compromised widely used security and developer tooling, including Trivy, KICS, LiteLLM, and the Telnyx Python SDK. The attackers injected infostealer payloads into GitHub Actions and PyPI/npm packages to harvest cloud tokens, SSH keys, Kubernetes secrets, and LLM API keys while preserving normal tool behavior. The operation leveraged decentralized ICP canisters for resilient C2 and deployed a worm/wiper named CanisterWorm, prompting urgent CI/CD and cloud identity hardening guidance.
read more →

Phantom Stealer: .NET Infostealer Hits European Firms

🔍Phantom Stealer, a .NET-based infostealer sold as part of a commercial cybercrime toolkit, harvests browser credentials, cookies, saved passwords, autofill and payment card details as well as messaging and email session data from infected systems. Group-IB observed a sustained phishing campaign between November 2025 and January 2026 that targeted logistics, manufacturing and technology organizations across Europe in five waves. Emails impersonated an equipment trading company and carried archive attachments with obfuscated JavaScript droppers or malicious executables. Indicators such as SPF failures, missing DKIM, reused templates and consistent spelling mistakes pointed to automated, template-driven stealer-as-a-service activity, with stolen data exfiltrated via messaging platforms, SMTP and FTP.
read more →

Infinity Stealer targets macOS using ClickFix and Nuitka

⚠️Researchers at Malwarebytes detail a macOS info-stealing campaign that uses a Python payload compiled into a native binary with Nuitka, delivered via a ClickFix page impersonating Cloudflare. Victims are tricked into pasting a base64-obfuscated curl command into Terminal, which boots a staged installer that removes quarantine flags and launches a Nuitka loader. The loader contains a compressed payload and performs anti-analysis checks before harvesting browser credentials, Keychain entries, cryptocurrency wallets and developer secrets.
read more →

Backdoored Telnyx PyPI Package Drops WAV-Stego Malware

⚠️A backdoored release of the Telnyx Python SDK on PyPI was used to deploy credential-stealing malware hidden inside WAV audio files. Security firms Aikido, Socket, and Endor Labs attribute the tampering to TeamPCP, which published versions 4.87.1 and 4.87.2; the latter contained a functioning payload. The malicious code executes on import from telnyx/_client.py and uses steganography to XOR-decode a WAV-hosted second stage that harvests SSH keys, cloud tokens, wallets, environment variables, and Kubernetes secrets. Developers are advised to revert to Telnyx 4.87.0 and treat any systems importing the affected releases as compromised.
read more →

TeamPCP Pushes Malicious Telnyx PyPI Packages for Secrets

🎧 TeamPCP published two malicious telnyx PyPI releases (4.87.1 and 4.87.2) on March 27, 2026 that harvest and exfiltrate credentials using audio steganography embedded in .WAV files. The trojanized code executes on import via modifications to telnyx/_client.py, targets Windows, Linux and macOS, and minimizes forensic traces through in-memory execution and encrypted HTTP exfiltration. PyPI has quarantined the project; users should downgrade to 4.87.0, rotate secrets, and audit affected environments.
read more →

Suspected RedLine Infostealer Administrator Extradited

🔒 Hambardzum Minasyan, an Armenian national, was extradited to the United States and charged with helping administer the RedLine infostealer operation. U.S. prosecutors allege he registered virtual private servers, domains, a cryptocurrency account used for affiliate payments, and file-sharing repositories that distributed the malware. He is accused of managing command-and-control infrastructure, assisting affiliates, and conspiring to launder proceeds, and faces multiple federal counts with a potential prison term if convicted.
read more →

Torg Grabber infostealer targets 728 crypto wallets

🔒 Gen Digital researchers describe a rapidly evolving info‑stealer named Torg Grabber that exfiltrates data from 850 browser extensions, including 728 cryptocurrency wallets. Initial access commonly uses a clipboard hijack and a ClickFix PowerShell trick; the payload runs in memory via reflective loading, direct syscalls and heavy obfuscation. Operators migrated exfiltration to HTTPS through Cloudflare and added an App‑Bound Encryption bypass to harvest Chromium cookie data.
read more →

GlassWorm Campaign Uses Solana Dead-Drops for RAT Operations

🔍 Cybersecurity researchers report a new GlassWorm evolution that delivers a multi-stage data theft framework and a remote access trojan (RAT) which force-installs a malicious Google Chrome extension masquerading as Google Docs Offline. The campaign gains initial access via rogue packages on npm, PyPI, GitHub and Open VSX, and resolves C2 addresses using Solana memos and public Google Calendar dead drops. A .NET component performs hardware wallet phishing when Ledger or Trezor devices are connected, while a WebSocket RAT harvests browser data, executes arbitrary JavaScript, and supports HVNC and SOCKS modules. Developers are urged to verify publishers and use scanning tools such as AFINE's glassworm-hunter.
read more →

TeamPCP Expands Supply-Chain Attacks via PyPI LiteLLM

📦 The widely used Python package LiteLLM on PyPI was found to contain credential-stealing malware in versions 1.82.7 and 1.82.8, uploaded on 24 March 2026. Security researchers report the malicious code harvested SSH keys, cloud credentials, Kubernetes secrets, database credentials, TLS keys and cryptocurrency wallets, then encrypted and exfiltrated the data to attacker infrastructure and installed persistent backdoors. Endor Labs and JFrog analysis showed the later variant executed whenever any Python process started, enabling silent background operation; version 1.82.6 is the last known clean release and organizations are urged to rotate secrets and audit systems for compromise.
read more →

PyPI Warns After LiteLLM Packages Steal Cloud Secrets

⚠️ PyPI warned developers after two malicious releases of the Python LLM middleware LiteLLM were briefly posted, potentially exposing any credentials accessible to the package environment. Sonatype and Wiz analyses describe a three-stage, obfuscated payload that harvested environment variables, cloud and CI/CD credentials, SSH keys, and other sensitive artifacts, encrypting stolen data before exfiltration. PyPI linked the uploads to an exploited Trivy dependency in the ongoing TeamPCP supply-chain campaign and urged users to revoke or rotate secrets that may have been exposed.
read more →

Experts Warn of Browser Extensions Poaching AI Prompts

🛡️ Security researchers have warned of malicious Chrome extensions that silently monitor and exfiltrate users' AI chat content. According to Expel, extensions watch open tabs and capture prompts and responses via API interception or DOM scraping before sending the data to external servers. Attackers either impersonate popular tools or convert legitimate extensions into malicious ones after building a user base. Organisations are urged to block unvetted AI extensions and centrally manage and audit extension use.
read more →

Fake Resume Phishing Deploys Miners and Steals Credentials

📄 A targeted phishing campaign leverages fake French-language resumes containing heavily obfuscated Visual Basic Script droppers to steal enterprise credentials and deploy a Monero miner. The operation, tracked as FAUX#ELEVATE by Securonix, abuses legitimate services including Dropbox, compromised WordPress sites in Morocco for C2 configuration, and mail[.]ru SMTP accounts for exfiltration. The dropper uses sandbox-evasion techniques, a domain-join gate, and a persistent UAC loop to obtain admin privileges, disable defenses and execute its multi-stage toolkit rapidly.
read more →

NPM 'Ghost' Campaign Uses Fake Install Logs to Hide Malware

🔍 Security researchers at ReversingLabs uncovered a malicious npm campaign, dubbed the 'Ghost campaign', that uses fabricated installation logs to conceal downloader behavior. Malicious packages impersonate legitimate installs—displaying fake dependency downloads, progress bars and random delays—and prompt users for their sudo password under false pretenses. That credential is then used to fetch and execute a final-stage remote access trojan capable of stealing crypto wallets and sensitive data; researchers advise verifying package authors, monitoring install scripts and avoiding sudo prompts during installs.
read more →

Ghost campaign uses npm packages to steal crypto wallets

🛡️Security researchers at ReversingLabs have uncovered a set of malicious npm packages published by user mikilanjillo that phish for sudo credentials and deploy a multi-stage downloader to steal cryptocurrency wallets and other sensitive data. The packages display fake npm install logs and inject delays to mask their actions, then prompt for elevated privileges to retrieve a remote payload via Telegram. The final stage installs a remote access trojan capable of harvesting browser credentials, wallets, SSH keys, and developer tokens.
read more →

StoatWaffle malware auto-executes via VS Code tasks

🔐 NTT Security warns of a newly disclosed malware strain called StoatWaffle that automatically executes when developers open and trust weaponized Visual Studio Code folders. The threat leverages a crafted .vscode/tasks.json with a runOn: folderOpen setting to trigger a Node.js-based loader, credential stealer and RAT without explicit user action. Operators attributed to WaterPlum are evolving the long-running Contagious Interview campaign to target developer workflows and toolchains.
read more →

Trivy Supply-Chain Attack Spreads to Docker and GitHub

🔔 The TeamPCP threat actor extended its Trivy supply‑chain attack by pushing malicious Docker images and hijacking Aqua Security's GitHub organization, tampering with multiple repositories. Security researchers and Socket identified Docker Hub images tagged 0.69.5 and 0.69.6 that lack corresponding GitHub releases and contain indicators of compromise linked to the TeamPCP Cloud stealer. Aqua said incomplete token rotation after an earlier incident allowed attackers to reuse credentials, and the company published safe Trivy releases while engaging Sygnia to investigate and remediate.
read more →

Trivy Supply Chain Attack Expands With New Images Now

🛡️ Researchers have identified additional compromised Docker images tied to the Trivy supply‑chain incident after attackers injected credential‑stealing malware into official releases and GitHub Actions. New Docker tags 0.69.5 and 0.69.6 were uploaded on March 22 without matching GitHub releases and contain IOCs linked to the TeamPCP infostealer. Aqua Security confirmed repository tampering and advised teams to treat CI/CD scans as potentially compromised while noting its commercial products appear unaffected.
read more →

VoidStealer bypasses Chrome ABE to steal browser secrets

🔐 Researchers have identified a new infostealer called VoidStealer that bypasses Chrome's Application-Bound Encryption (ABE) to exfiltrate stored passwords, cookies, and tokens. Unlike prior ABE bypasses that relied on code injection or elevated privileges, VoidStealer attaches as a debugger and uses hardware breakpoints to capture the v20_master-key at the precise moment it appears in plaintext. The malware can fall back to injection-based methods but prioritizes the stealthy debugger technique. Defenders should monitor for debugger attachments, unexpected memory reads, and anomalous Chrome process activity.
read more →

FBI: Handala Hackers Use Telegram for Malware C2 Operations

🔐 The FBI warns that Iranian-linked actors, including Handala and a state-associated Homeland Justice group, are using Telegram as command-and-control infrastructure in Windows malware campaigns. Attackers employ social engineering to install malware that exfiltrates screenshots and files from journalists, dissidents, and opposition groups worldwide. The alert followed the seizure of four clearnet domains and references prior disruptive operations such as Handala's attack on Stryker.
read more →

Trivy supply-chain breach spreads infostealer via Docker

🚨 Researchers uncovered trojanized Trivy images on Docker Hub after a supply-chain compromise that pushed malicious releases to developer environments. The last known clean release is 0.69.3; tags 0.69.4–0.69.6 were removed after analysis linked several images to the TeamPCP infostealer. The incident also affected related GitHub Actions and spawned downstream npm compromises and repository defacements.
read more →