The Windows-based CryptoBandits cryptocurrency clipper blends data exfiltration and remote code execution in a backdoor.
JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Turns out Windows already gives you all the tools you need to block distracting apps and websites—you just have to put them ...
What happened Microsoft warned about CryptoBandits, a Windows-based cryptocurrency clipper that also functions as a lightweight backdoor with data exfiltration and remote code execution capabilities.
Securonix says PureLogs infection starts with a fake PDF JavaScript file and uses PowerShell, fileless .NET loading, and LOLBins.
Microsoft discovers USB-spread crypto clipper malware intercepting Bitcoin and Ethereum wallet keys via clipboard monitoring on Windows systems since Feb 2026.
PureLogs Stealer uses fake PDF JavaScript files and Google's Blogger pages in the VEIL#DROP campaign, enabling fileless ...
A fileless malware framework has been abusing Google's Blogspot platform to deliver the PureLog Stealer entirely in memory, letting attackers steal credentials while leaving few traces on disk.
An ongoing malware campaign is targeting WhatsApp users in multiple countries with deceptive messages that push VBScript ...
Cybersecurity researchers at Microsoft have uncovered a sophisticated piece of malware that spreads through USB drives, intercepts cryptocurrency wallet ...
On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
Microsoft links the recent Mastra AI npm supply chain attack to , a North Korean group known for cryptocurrency theft ...