Lucene search
K

44 matches found

The Hacker News
The Hacker News
added 2025/03/18 7:0 a.m.22 views

Microsoft Warns of StilachiRAT: A Stealthy RAT Targeting Credentials and Crypto Wallets

Microsoft is calling attention to a novel remote access trojan RAT named StilachiRAT that it said employs advanced techniques to sidestep detection and persist within target environments with an ultimate aim to steal sensitive data. The malware contains capabilities to "steal information from the...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/01/02 11:2 p.m.5 views

Malicious code in ilovenyxxbait (PyPI)

The package acts as an infostealer, exfiltrating sensitive files and credentials from browser databases via Telegram...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/01/02 11:2 p.m.5 views

Malicious code in ilovenyxx (PyPI)

The package acts as an infostealer, exfiltrating sensitive files and credentials from browser databases via Telegram...

7AI score
Exploits0
HackRead
HackRead
added 2024/12/02 6:35 p.m.8 views

SmokeLoader Malware Exploits MS Office Flaws to Steal Browser Credentials

SmokeLoader malware has resurfaced with enhanced capabilities and functionalities, targeting your personal data...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2024/04/17 12:30 p.m.99 views

Cookie-Monster - BOF To Steal Browser Cookies & Credentials

Steal browser cookies for edge, chrome and firefox through a BOF or exe! Cookie-Monster will extract the WebKit master key, locate a browser process with a handle to the Cookies and Login Data files, copy the handles and then filelessly download the target. Once the Cookies/Login Data files are...

7.1AI score
Exploits0References3
hivepro
hivepro
added 2023/10/19 6:23 a.m.29 views

Multiple State-Sponsored Groups Exploit WinRAR Vulnerability in Phishing Attacks

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A series of phishing attacks linked to a Russian state-sponsored group, leveraging a WinRAR vulnerability to steal data, including browser credentials via PowerShell commands and exfiltrating it through ...

7.4AI score
Exploits0
Talos Blog
Talos Blog
added 2023/08/31 6:0 p.m.23 views

New open-source infostealer, and reflections on 2023 so far

Welcome to this weeks edition of the Threat Source newsletter. Im covering for Jon this week whilst he takes some well-deserved holiday. Whats on my mind this week? Well, apart from a new horror film that I just read about called "Slotherhouse" where the killer is, um, a sloth I predict nothing b...

6.7AI score
Exploits0
NVD
NVD
added 2023/08/25 4:15 p.m.19 views

CVE-2020-11711

An issue was discovered in Stormshield SNS 3.8.0. Authenticated Stored XSS in the admin login panel leads to SSL VPN credential theft. A malicious disclaimer file can be uploaded from the admin panel. The resulting file is rendered on the authentication interface of the admin panel. It is possibl...

4.8CVSS5AI score0.00399EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2023/06/09 5:57 a.m.5 views

Stealth Soldier: A New Custom Backdoor Targets North Africa with Espionage Attacks

A new custom backdoor dubbed Stealth Soldier has been deployed as part of a set of highly-targeted espionage attacks in North Africa. "Stealth Soldier malware is an undocumented backdoor that primarily operates surveillance functions such as file exfiltration, screen and microphone recording,...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/01/30 11:26 a.m.3 views

Titan Stealer: A New Golang-Based Information Stealer Malware Emerges

A new Golang-based information stealer malware dubbed Titan Stealer is being advertised by threat actors through their Telegram channel. "The stealer is capable of stealing a variety of information from infected Windows machines, including credential data from browsers and crypto wallets, FTP...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2022/10/14 10:12 a.m.57 views

New PHP Version of Ducktail Malware Hijacking Facebook Business Accounts

A PHP version of an information-stealing malware called Ducktail has been discovered in the wild being distributed in the form of cracked installers for legitimate apps and games, according to the latest findings from Zscaler. "Like older versions .NetCore, the latest version PHP also aims to...

0.9AI score
Exploits0
The Hacker News
The Hacker News
added 2022/04/04 7:38 a.m.27 views

Experts Shed Light on BlackGuard Infostealer Malware Sold on Russian Hacking Forums

A previously undocumented "sophisticated" information-stealing malware named BlackGuard is being advertised for sale on Russian underground forums for a monthly subscription of $200. "BlackGuard has the capability to steal all types of information related to Crypto wallets, VPN, Messengers, FTP...

6.6AI score
Exploits0
Trellix
Trellix
added 2022/02/07 12:0 a.m.11 views

Trellix Global Defenders: Invasion of the Information Snatchers - Protecting against RedLine Infostealer

Trellix Global Defenders: Invasion of the Information Snatchers - Protecting against RedLine Infostealer By Taylor Mullins · February 7, 2022 What information are you storing in your Browsers? Storing credentials and other important information in web browsers is a helpful method to not have to...

7.2AI score
Exploits0
OSV
OSV
added 2021/07/14 2:15 p.m.4 views

CVE-2021-35527

Password autocomplete vulnerability in the web application password field of Hitachi ABB Power Grids eSOMS allows attacker to gain access to user credentials that are stored by the browser. This issue affects: Hitachi ABB Power Grids eSOMS version 6.3 and prior versions...

7.5CVSS7.1AI score0.01016EPSS
Exploits0References1
CVE
CVE
added 2021/07/14 1:15 p.m.61 views

CVE-2021-35527

CVE-2021-35527 affects Hitachi ABB Power Grids eSOMS web application password field. The issue is described as insufficiently protected credentials stored by the browser, enabling potential disclosure of user credentials for Hitachi ABB Power Grids eSOMS versions 6.3 and earlier. The advisory ICS...

7.5CVSS7.7AI score0.01016EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/07/14 12:0 a.m.5 views

Hitachi ABB Power Grids eSOMS 安全漏洞

Hitachi ABB Power Grids eSOMS is an application from Hitachi ABB Power Grids. a shift operations management system for the power generation industry. A security vulnerability exists in Hitachi ABB Power Grids eSOMS that stems from a password auto-fill vulnerability in the password field of the...

7.5CVSS7.3AI score0.01016EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2020/03/20 8:28 p.m.88 views

Revamped HawkEye Keylogger Swoops in on Coronavirus Fears

There’s a new variant of the HawkEye keylogging malware making the rounds, featuring expanded info-stealing capabilities. Its operators are looking to capture the zeitgeist around the novel coronavirus. It’s being distributed using spam that purports to be an “alert” from the Director-General of...

7.5AI score
Exploits0References9
ThreatPost
ThreatPost
added 2020/03/20 8:28 p.m.85 views

Revamped HawkEye Keylogger Swoops in on Coronavirus Fears

There’s a new variant of the HawkEye keylogging malware making the rounds, featuring expanded info-stealing capabilities. Its operators are looking to capture the zeitgeist around the novel coronavirus. It’s being distributed using spam that purports to be an “alert” from the Director-General of...

7.5AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/02/20 8:48 p.m.69 views

Separ Malware Plucks Hundreds of Companies' Credentials in Ongoing Phish

An ongoing phishing campaign is using malicious PDF documents to spread Separ malware and ultimately steal victims’ browser and email credentials. Since the attack started at the end of January, it has affected around 200 companies and over 1,000 individuals, located mainly in Southeast Asia, the...

1.2AI score
Exploits0References4
Kitploit
Kitploit
added 2018/12/22 1:10 p.m.169 views

SharpWeb - .NET 2.0 CLR Project To Retrieve Saved Browser Credentials From Google Chrome, Mozilla Firefox And Microsoft Internet Explorer/Edge

SharpWeb is a .NET 2.0 CLR compliant project that can retrieve saved logins from Google Chrome, Firefox, Internet Explorer and Microsoft Edge. In the future, this project will be expanded upon to retrieve Cookies and History items from these browsers. Usage Usage: .\SharpWeb.exe arg0 arg1 arg2...

7.1AI score
Exploits0References3
Rows per page
Query Builder