82 matches found
TeamPCP Hits Trivy, Checkmarx, and LiteLLM in Credential Theft Campaign
Hackers compromised Trivy, Checkmarx, and LiteLLM in a supply chain attack, stealing cloud credentials, tokens, and crypto wallet data from developers...
Malicious code in license-utils-kit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 eb0116c55754c947c819c966f213a99864511536a414619cf3154b89be59f9e8 Malicious clone of legitimate "license" package. When using the findbykey function, the malicious code from strongly obfuscated files is loaded. It then at lea...
Hacked sites deliver Vidar infostealer to Windows users
In recent years, ClickFix and fake CAPTCHA techniques have become a popular way for cybercriminals to distribute malware. Instead of exploiting a technical vulnerability, these attacks rely on convincing people to run malicious commands themselves. Our researchers have recently detected a campaig...
Arkanix Stealer: a C++ & Python infostealer
Introduction In October 2025, we discovered a series of forum posts advertising a previously unknown stealer, dubbed "Arkanix Stealer" by its authors. It operated under a MaaS malware-as-a-service model, providing users not only with the implant but also with access to a control panel featuring...
SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer
Cybersecurity researchers have disclosed details of a new SmartLoader campaign that involves distributing a trojanized version of a Model Context Protocol MCP server associated with Oura Health to deliver an information stealer known as StealC. "The threat actors cloned a legitimate Oura MCP Serv...
Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data
Cybersecurity researchers have discovered a new malicious NuGet package that typosquats and impersonates the popular .NET tracing library and its author to sneak in a cryptocurrency wallet stealer. The malicious package, named "Tracer.Fody.NLog," remained on the repository for nearly six years. I...
Malicious Package
Overview Tracer.Fody.NLog is a malicious package. This package contains malicious code, and masquerades as a legitimate Tracer.Fody NLog adapter by typosquatting the real Tracer.Fody package and its maintainer. Instead of providing tracing functionality, it embeds hidden malware that scans for...
MAL-2025-191157 Malicious code in cline-ai-main.cline-ai-agent (VSCode)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 04aeefbf39e1e9157280b91899a141e4f4c6619d434c594e4a2d3bf43883dbe6 This extension is malicious. When installed it runs an info stealer that exfiltrates user data including credentials and cryptocurrency...
stealer
Stealer C stealer Chrome, Opera ,Chromium ,Edg...
Malicious code in backtradingbot (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 117c24f5b7a0f5e4921e4478231a717ecca01748a5b266d8984e619f06173984 Running the installed entry point downloads and executes remote code. During the analysis, the code was switching to websockets, adding a startup script and...
Banana Squad Hides Data-Stealing Malware in Fake GitHub Repositories
Banana Squad hid data-stealing malware in fake GitHub repos posing as Python tools, tricking users and targeting sensitive info like browser and wallet data...
CVE-2019-15947
In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user's wallet.dat file, including their private keys, via a grep "6231 0500" command...
Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data
The threat actors known as Golden Chickens have been attributed to two new malware families dubbed TerraStealerV2 and TerraLogger, suggesting continued development efforts to fine-tune and diversify their arsenal. "TerraStealerV2 is designed to collect browser credentials, cryptocurrency wallet...
Researchers Discover Numerous Samples of Information Stealer 'Stealc' in the Wild
A new information stealer called Stealc that's being advertised on the dark web could emerge as a worthy competitor to other malware of its ilk. "The threat actor presents Stealc as a fully featured and ready-to-use stealer, whose development relied on Vidar, Raccoon, Mars, and RedLine stealers,"...
Ravencoin 安全漏洞
Ravencoin is an experimental digital currency open-sourced by RavenProject that allows instant payments to anyone, anywhere in the world. A security vulnerability exists in Ravencoin Core 4.3.2.1 and earlier versions, which stems from an issue in src/wallet/wallet.cpp that can be exploited by an...
Titan Stealer: A New Golang-Based Information Stealer Malware Emerges
A new Golang-based information stealer malware dubbed Titan Stealer is being advertised by threat actors through their Telegram channel. "The stealer is capable of stealing a variety of information from infected Windows machines, including credential data from browsers and crypto wallets, FTP...
Kraken botnet bypass Windows Defender to steal crypto wallet data
By Deeba Ahmed Kraken botnet utilizes SmokeLoader malware, and its operators have already been raking in around $3,000 per month. ZeroFox… This is a post from HackRead.com Read the original post: Kraken botnet bypass Windows Defender to steal crypto wallet data...
Fake KPSPico Windows activator tool KPSPico steals crypto wallet data
By Waqas Watch out for fake and malicious KMSPico Windows activator used in spreading CrypBot malware to steal crypto wallets' data. This is a post from HackRead.com Read the original post: Fake KPSPico Windows activator tool KPSPico steals crypto wallet data...
MGASA-2020-0458 Updated bitcoin packages fix security vulnerabilities
Multiple vulnerabilities have been discovered in Bitcoin. In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user's wallet.dat file, including their privat...
Brave Android 1.16.68 Security Fixes
Fixed file-path for cookies as reported on HackerOne by kanytu. - Encrypted private wallet data preferences for Brave Rewards...