Phantom Project Bundles Infostealer, Crypter and RAT For Sale
Phantom Stealer .
Malware
20 articles
Hackers compromise Axios npm package to drop cross-platform malware
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to Linux, Windo...
Hackers Poison Axios npm Package with 100 Million Weekly Downloads
Axios npm Package compromised in a supply chain attack, exposing developers to malware, data theft, and full system takeover risks worldwide.
Axios npm supply chain attack: Malicious updates add remote access trojan
The axios npm package, with about 100 million weekly downloads, was compromised via a maintainer’s account.
Axios NPM Packages Breached in Ongoing Supply Chain Attack
A severe supply chain attack has compromised the widely used Axios HTTP client on the npm registry. Attackers injected a malicious dependency into specific A...
DeepLoad Malware Uses ClickFix and AI Evasion to Hit Enterprise Networks
New “DeepLoad” malware is turning a single user click into fileless, credential‑stealing persistence inside enterprise networks, leveraging the ClickFix tech...
RoadK1ll Malware Turns Hacked Devices Into Network Relays
Hackers are deploying a new Node. js-based implant dubbed RoadK1ll to quietly turn compromised hosts into on-demand network relays, enabling stealthy pivotin...
GhostSocks Hijacks Devices as Proxy Network for Stealthy Cyberattacks
A newly emerging malware known as GhostSocks is quietly reshaping how attackers evade detection by converting compromised systems into residential proxy node...
Cybersecurity jobs available right now: March 31, 2026
Android Malware Research Director Alice | Israel | On-site – View job details As an Android Malware Research Director, you will establish operational process...
Apple: Spyware compromise prevented by Lockdown Mode
TechCrunch reports that Apple has touted that all of its devices with the Lockdown Mode activated have not been impacted by spyware intrusions.
Clandestine BlankGrabber malware examined
Windows systems have been more stealthily compromised by the BlankGrabber malware through the exploitation of a counterfeit certificate holder for multi-stag...
Russian Hackers Deploy “CTRL” for RDP Hijacking
Russian hackers are using a new remote access toolkit called “CTRL” to silently hijack Remote Desktop Protocol (RDP) sessions via FRP-based reverse tunnels, ...
Hacked Hospitals, Hidden Spyware: Iran Conflict Shows How Digital Fight Is Ingrained in Warfare
Iran-linked hacking groups are turning to high-volume, low-impact cyberattacks The post Hacked Hospitals, Hidden Spyware: Iran Conflict Shows How Digital Fig...
Apple’s Camera Indicator Lights
A thoughtful review of Apple’s system to alert users that the camera is on. It’s really well-designed, and important in a world where malware could surreptit...
LiteLLM supply chain attack exposes millions to credential theft
Researchers at Endor Labs, have discovered a supply chain attack on the popular Python package LiteLLM on PyPI, with malicious code injected into versions 1.82.
VoidLink Proves AI-Assisted Malware Is No Longer Experimental
VoidLink shows that AI-assisted malware is now a mature, operational tool rather than a lab experiment, compressing what once required a full team into days ...
AI Threat Landscape Digest January-February 2026
KEY FINDINGS AI-assisted malware development has reached operational maturity.VoidLink framework, which is modular, professionally engineered, and fully func...
New Infinity Stealer malware grabs macOS data via ClickFix lures
A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka co...
Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs
The infection chain includes a fake CAPTCHA page, a Bash script, a Nuitka loader, and the Python-based infostealer. The post Cloudflare-Themed ClickFix Attac...
Fake Certificate Loader Hides BlankGrabber Malware Chain
BlankGrabber’s operators are now abusing a fake “certificate” loader to hide a multi‑stage Rust and Python infection chain, making this commodity stealer sig...