Amadey Exploiting Self-Hosted GitLab to Distribute StealC

Amadey Exploiting Self-Hosted GitLab to Distribute StealC By Rahul Sharma · December 18, 2025 Executive summary Amadey is a malware loader that has been active since 2018, primarily used to distribute second-stage payloads and infostealers. While Amadey has been previously known to distribute...

New Rilide Malware Targeting Chromium-Based Browsers to Steal Cryptocurrency

Chromium-based web browsers are the target of a new malware called Rilide that masquerades itself as a seemingly legitimate extension to harvest sensitive data and siphon cryptocurrency. "Rilide malware is disguised as a legitimate Google Drive extension and enables threat actors to carry out a...

Malicious code in discord-ebhook (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 2a7abd2f62d2bbd707c1eef0cf846dc245ebf1ef43f96e2f0746411abff24e6c Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in dscord-webhook (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx c50cc6a4200c01b5bc360ef4868c56c3ea06e46b6b54c3e53984b2765b4d18a5 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

Malicious code in colorrama (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 7afee68d49c90b9125be9f204264c8eb7a32e827a1ef1cce5a3698f0775899f8 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...