A fileless malware framework has been abusing Google's Blogspot platform to deliver the PureLog Stealer entirely in memory, letting attackers steal credentials while leaving few traces on disk.
Law enforcement dismantled 326 servers and 142 domains tied to Amadey and StealC, recovering 27 million stolen credentials.
On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Two AI tools broke in the same way in the same two weeks, and four research teams proved it. The pattern underneath every disclosure is one sentence: enterprise AI accepts external input with no trust ...