PupkinStealer – New .NET Info-Stealer
Analysis of PupkinStealer, a .NET Telegram info-stealer that steals passwords, sessions & files. Includes IOCs and quick mitigation tips.| ZeroDay Labs
In September 2025, Kandji’s security researchers uncovered a sophisticated credential theft campaign targeting macOS developers through spoofed Homebrew installer sites. The tactics used paralleled recent pro-Russian hacktivist methods employed against operational technology (OT) and industrial control system (ICS) environments. The operation exploited trust in package managers to deliver malicious payloads capable of credential harvesting and […] The post Credential Theft Tactics by Pro-...| Cyber Security News
A pro-Russian hacktivist group known as TwoNet was caught targeting a decoy water treatment facility during a honeypot operation by Forescout’s Vedere Labs in September 2025. The incident, which unfolded via unauthorized access to a human-machine interface (HMI), highlights an evolving trend of hacktivists pivoting from web defacement to more nuanced intrusions against operational technology (OT) and […] The post Credential Theft Tactics by Pro-Russian Hacktivists Against OT and ICS Env...| Cyber Security News
Phishing attacks have moved beyond simply sending emails with malicious links to incorporate more modern social engineering techniques, including the alarming trend of mixing in smishing (SMS phishing) and vishing (voice phishing). These techniques are a growing threat beyond email security and enhance cybercriminals’ capabilities to achieve their objectives using this new range of communication […] The post From Phishing to Vishing – Modern Social Engineering Attacks first appeared on ...| SlashNext
Analysis of PupkinStealer, a .NET Telegram info-stealer that steals passwords, sessions & files. Includes IOCs and quick mitigation tips.| ZeroDay Labs
Learn how phishing, smishing, and vishing, key components of modern social engineering and business email compromise (BEC), leverage bots and voice cloning to bypass traditional defenses and capture credentials today.| SlashNext | Complete Generative AI Security for Email, Mobile, and Browser
Going passwordless is an integral part of eliminating credential theft. Here's why.| syfuhs.net
