infostealers
Identity Is the New Attack Surface: How Infostealers Are Reshaping Enterprise Risk
Our essential new guide helps IT, Threat Intelligence, Fraud, and HUNT teams understand how infostealers operate, how stolen identity data fuels real-world attacks, and how organizations can move from reactive response to ...
Infostealers are becoming the go-to phishing payload
Cybercriminals prefer infostealers to traditional phishing techniques because they reduce friction, scale well, and are widely available ...
The Infostealer Economy: Why Stolen Sessions Are More Dangerous Than Passwords
The shift to stolen sessions no one is talking about enough For years, cybersecurity conversations around identity risk have focused on one thing: Passwords. Weak passwords. Reused passwords. Breached passwords. But that ...
Ransomware Victims up 389%, TTE in Less Than Two Days: How Can Defenders Stay Ahead?
Agentic AI’s impact on ransomware—it’s execution, its success and even who gets to play, is being widely felt. And we’re just getting started. ...
The Company Reviewing Your Meta Glasses Footage Has a Security Problem
Last week, Swedish journalists revealed that Meta sends video footage from Meta Ray-Ban smart glasses to human data annotators at Sama, a San Francisco-based outsourcing company that runs its annotation workforce out ...
How Discord Can Expose Corporate Data
Discord improves collaboration, but a compromised account can expose credentials, customer data and internal plans. Learn the risks and how to reduce exposure ...
Brightspeed Breach: Crimson Collective and the Infostealer Problem
Recently Crimson Collective claimed they breached Brightspeed and grabbed 1 million+ customer records. The list of data they claim to have accessed includes names, billing addresses, partial payment data, and more. There ...
The $150,000 Password
How one threat actor turned stolen credentials into a global breach portfolio Between December 2025 and January 2026, a single threat actor posted 25 data sales listings on a Russian-language cybercrime forum ...
React Fixes Two New RSC Flaws as Security Teams Deal with React2Shell
As they work to fend off the rapidly expanding number of attempts by threat actors to exploit the dangerous React2Shell vulnerability, security teams are learning of two new flaws in React Server ...
Attackers are Using Fake Windows Updates in ClickFix Scams
Huntress threat researchers are tracking a ClickFix campaign that includes a variant of the scheme in which the malicious code is hidden in the fake image of a Windows Update and, if ...
