April 16, 2026

Storm Infostealer Hijacks Sessions Without Touching Passwords

A new malware called Storm infostealer appeared on criminal underground markets in early 2026, and it works differently from anything most security tools are built to catch. Instead of decrypting stolen browser data on the victim's machine, Storm ships the encrypted data to attacker-controlled servers and decrypts it there. Defenders have no visibility into that infrastructure. By the time the

March 26, 2026

Torg Grabber Malware Targets 728 Crypto Wallets

A newly discovered infostealer has sent shockwaves through the cybersecurity community. Torg Grabber malware, identified by researchers at Gen Digital, targets 728 cryptocurrency wallet browser extensions, along with hundreds of password managers, two-factor authentication tools, and note-taking apps. It spreads through social engineering, moves fast, and goes after virtually every digital asset a victim might have. This is not a

March 2, 2026

QuickLens Chrome Extension Steals Crypto in ClickFix Attack

A routine browser update can quickly turn into a security disaster. That is exactly what happened when the QuickLens Chrome extension received a malicious update that transformed it into a crypto-stealing tool. The QuickLens Chrome extension originally offered Google Lens-style search features and gained around 7,000 users in the Chrome Web Store. After a change in ownership, version 5.8 introduced

February 27, 2026

Arkanix Stealer Emerges as AI-Built Malware Test

Arkanix Stealer appeared suddenly on underground forums and disappeared almost as quickly. Security researchers describe it as a short-lived infostealer that likely relied on AI-assisted development techniques. Although the campaign did not last long, Arkanix Stealer highlights how rapidly cybercriminals can now build and test new malware strains. Researchers first observed the malware being promoted through dark web channels, complete

February 20, 2026

AMOS Infostealer Exploits AI Trust to Target macOS Users

A growing malware campaign is targeting macOS users by abusing the popularity of artificial intelligence tools and online search results. The threat centers on AMOS, short for Atomic macOS Stealer, an infostealer designed to harvest sensitive data from Apple systems. Instead of relying on traditional phishing emails or software cracks, attackers are now embedding malware within seemingly helpful AI-related content

January 29, 2026

Mustang Panda Infostealers Expand CoolClient Backdoor

Mustang Panda infostealers are now playing a central role in the Chinese-linked threat actor’s espionage campaigns, marking a clear shift in how the group extracts value from compromised systems. Recent research shows that the CoolClient backdoor has evolved beyond basic remote access and now includes dedicated data-stealing capabilities. This development raises the risk profile of CoolClient infections, especially for government

December 20, 2025

SantaStealer Malware Targets Browsers and Crypto Wallets

SantaStealer malware has emerged as a new information-stealing threat that focuses on browser data and cryptocurrency wallets, using fake software installers to trick users into executing a malicious Windows payload. Once launched, the malware operates quietly in the background, harvesting sensitive information that attackers can quickly convert into financial gain. Rather than relying on persistence or advanced evasion, SantaStealer reflects

November 12, 2025

Rhadamanthys Infostealer Disruption Shakes Cybercrime Market

The Rhadamanthys infostealer disruption has sent shockwaves through the cybercrime world. In early November 2025, operators and paying "customers" suddenly lost access to their web panels and servers. SSH logins switched to certificate-only mode without warning, leaving hackers locked out of their own tools. This abrupt shutdown may indicate a coordinated law enforcement action, potentially linked to Europe’s ongoing Operation

September 29, 2025

Fake Microsoft Teams Installers Push Oyster Malware in Malvertising Attack

Fake Microsoft Teams installers push Oyster malware through a new malvertising campaign. Cybercriminals exploit paid ads to trick people into downloading malware instead of legitimate software. By imitating Microsoft’s trusted collaboration platform, attackers increase the chances of success. This campaign is especially concerning because Microsoft Teams is a core tool for remote work and daily business communication. Employees often search

September 1, 2025

TamperedChef Infostealer Hides in Fake PDF Editing App

The TamperedChef infostealer has emerged as a serious threat, hiding inside a fraudulent PDF editor promoted through Google Ads. This deceptive campaign tricked users into downloading an app that appeared legitimate, only to later activate malicious features. With delayed activation and credential theft, the campaign shows how cybercriminals continue to evolve their tactics. Malvertising and the Fake PDF Tool Attackers
