Credential Leaks Intelligence
Infostealer malware campaigns (Lumma, RedLine, Vidar, StealC), combo list releases on dark web forums, credential stuffing operations, and enterprise exposure reports.
Credential Leaks — Archive & Latest
Gremlin, SilabRAT & AI-Themed Stealers: OTX Pulse Analysis — Credential Theft & Supply Chain Threat Pack
Active campaigns using Gremlin Stealer, SilabRAT, and AI-themed phishing targeting credentials via supply chain and malvertising. High Urgency.
Gremlin Stealer, SilabRAT, and PyPI Supply Chain Attacks: OTX Pulse Analysis
Multi-vector credential theft campaign involving AI-themed phishing, malicious Python packages, and evolved info-stealers targeting enterprises.
Vidar, SilabRAT & PyPI Supply Chain Attack: Dark Web Credential Theft Surge
Credential theft via AI impersonation, TikTok tutorials, and malicious Python packages. Urgent detection required.
Vidar, SilabRAT & PyPI Supply Chain Attacks: Multi-Vector Credential Theft Campaign Analysis
AI-themed lures, PyPI supply chain attacks, and TikTok social engineering drive Vidar and SilabRAT infections. Urgency: High.
Vidar, Lumma, and SilabRAT: Multi-Vector Credential Theft Campaigns via AI Lures & Supply Chains
OTX Pulse: Vidar/Lumma stealers spreading via AI lures & TikTok; SilabRAT MaaS targeting crypto; Cisco SD-WAN exploits active. (High Urgency)
Operation AI Bait & Crypto MaaS: Vidar, SilabRAT, and Needle Campaign Analysis — OTX Pulse Intelligence
Active infostealer campaigns leveraging AI hype, TikTok, and PyPI to distribute Vidar, SilabRAT, and Needle. High urgency for credential defense.
Vidar, SilabRAT & Needle C2: Multi-Vector Credential Theft Campaigns Targeting Devs and End Users
Active infostealer campaigns (Vidar, SilabRAT) using AI phishing, TikTok tutorials, and malicious PyPI packages. Urgency: High.
Storm-3075, SilabRAT, and AI-Themed Infostealers: OTX Pulse Analysis — Enterprise Detection Pack
Active campaigns using AI phishing, TikTok tutorials, and PyPI supply chain attacks deploy Vidar, SilabRAT, and RustyStealer to steal credentials.
AI-Themed Phishing, MaaS Crypto-Stealers, and PyPI Worms: OTX Pulse Analysis — Enterprise Detection Pack
Surge in infostealers (Vidar, SilabRAT) via AI-branded lures and supply chain attacks targeting finance and tech sectors.
Storm-3075 AI Hype & SilabRAT MaaS: Multi-Vector Infostealer Surge & PyPI Supply Chain Compromise
Critical surge in infostealer campaigns (Vidar, Lumma, SilabRAT) leveraging AI hype, TikTok tutorials, and PyPI supply chains for credential theft.
Storm-3075, SilabRAT, and Needle: Multi-Vector Infostealer Campaigns Leveraging AI Hype and Supply Chains
OTX Pulse Analysis: Credential theft surge via AI scams, TikTok tutorials, and crypto-stealers. Block Vidar, SilabRAT, and Needle IOCs immediately.
SilabRAT MaaS, AI Brand Impersonation, and PyPI Supply Chain Attacks: Credential Theft Campaigns — OTX Pulse Analysis
Active Infostealer & C2 campaigns (SilabRAT, Vidar, Needle) use AI phishing, malicious PyPI wheels, and social media to steal crypto & credentials.
AI-Themed Infostealers & Supply Chain Attacks: Storm-3075, SilabRAT, and PyPI Worms — Detection Engineering
Active campaigns using AI lures (Vidar/Lumma) and malicious PyPI packages (Hades) targeting credentials and crypto. Immediate action required.
Lumma Stealer, Vidar, and SilabRAT Credential Harvesting Campaigns: OTX Pulse Analysis & Detection Engineering
OTX Pulses reveal active credential theft campaigns via AI social engineering, malicious PyPI packages, and MaaS platforms targeting finance & tech.
Storm-3075 & SilabRAT: AI Lures & Supply Chain Worms — OTX Pulse Detection Pack
Storm-3075 and SilabRAT MaaS campaigns target finance/tech via AI lures and malicious packages, deploying Vidar, Lumma, and RustyStealer.
Infostealer Ecosystem & Supply Chain Compromise: Storm-3075, TroyDen, and Hades Worms
Active credential theft campaigns leveraging AI lures, malicious PyPI/npm packages, and game trojanizers. Urgent detection required.
Lumma Stealer, Vidar & Supply Chain Worms: OTX Pulse Analysis — Multi-Vector Credential Theft Campaigns
Storm-3075 & supply chain actors exploit AI hype & dev tools for infostealer deployment. Urgent blocking and credential hygiene required.
Multi-Vector Credential Theft Campaigns: Lumma, Vidar, and Supply Chain Attacks — Enterprise Detection Pack
Multiple campaigns using AI-themed lures, supply chain attacks, and credential theft targeting enterprise sectors.
TroyDen AI Lures & Argamal RAT: OTX Analysis of Credential Theft Campaigns
Active infostealer surge detected: TroyDen's AI-generated GitHub lures, Argamal COM hijacking, and GriefLure APT targeting. Critical attention required.
TroyDen Lure Factory & Argamal RAT: OTX Pulse Analysis — Infostealer & Credential Theft Detection Pack
OTX pulses reveal large-scale infostealer and RAT campaigns targeting devs, gamers, and telcos using AI lures and COM hijacking.
TroyDen AI-Lures & Argamal RAT: Multi-Vector Credential Theft & TDS Ecosystem Analysis
Active campaigns infesting GitHub & fake repos with Redline/Lumma; PAN-OS zero-day exploited. Critical credential theft risk.
Operation GriefLure & TroyDen Factory: APT & Infostealer Swarm Analysis
APT espionage in SE Asia and global infostealer campaigns via GitHub & game installers. Immediate credential audit advised.
TroyDen, Argamal & GriefLure: Multi-Vector Infostealer & RCE Campaign Analysis
AI-generated GitHub lures, fake game RATs, and PAN-OS exploits target devs & APAC. Immediate credential checks required.
Redline, Lumma, and Argamal: A Multivector Infostealer Assault on Developers and Gamers — OTX Pulse Analysis
Active campaigns utilizing AI-generated GitHub lures, COM hijacking in game installers, and TDS ecosystems to steal credentials via Redline and Lumma.
Argamal RAT, RemusStealer, and Operation GriefLure: OTX Pulse Analysis — Enterprise Detection Pack
OTX pulses reveal credential theft campaigns (Argamal, RemusStealer), macOS ClickFix, and critical PAN-OS zero-day exploitation.
Argamal RAT, RemusStealer & macOS ClickFix: Multi-Vector Credential Harvesting — OTX Pulse Analysis
Active campaigns distributing Argamal, RemusStealer, and AMOS via fake dev tools, hentai games, and macOS ClickFix lures. High risk of credential theft.
Argamal RAT, RemusStealer & ClickFix: Multi-Platform Credential Theft Campaigns
OTX analysis reveals Argamal RAT and RemusStealer campaigns targeting telecom/healthcare via COM hijacking and TDS.
Gamaredon GammaSteel & Argamal: Surge in Multi-Vector Infostealer Campaigns
OTX Pulse: Active campaigns utilizing GammaSteel, Remus, and Argamal steal credentials via TDS, COM hijacking, and ClickFix lures.
Gamaredon GammaSteel, Argamal RAT, and Remus Stealer: OTX Pulse Analysis — Enterprise Detection Pack
Active campaigns: Gamaredon GammaSteel, Argamal RAT, and Remus Stealer exploiting TDS and COM hijacking for credential theft. High threat level.
Remus Stealer & Gamaredon GammaSteel: OTX Pulse Analysis — Credential Theft & RAT Campaigns
Active infostealer campaigns (Remus, Argamal, GammaSteel) target credentials via browser bypass, COM hijacking, and Phone Link exploitation. Urgency: High.
ClickFix, Argamal, and UAT-8302: A Surge in Infostealers, RATs, and APT Tooling — OTX Pulse Analysis
OTX pulses reveal active campaigns deploying ClickFix, Argamal, and UAT-8302 malware, targeting credentials and government entities with RATs and stealers.
Multi-Vector Credential Theft: ClickFix, Argamal, and CloudZ Pheno Analysis — OTX Pulse Intelligence Pack
Active campaigns utilizing fake tools, game mods, and Phone Link exploitation to steal credentials. High-risk detection update.
ClickFix, Argamal, CloudZ, and UAT-8302: OTX Pulse Analysis — Multi-Vector Credential Theft & APT Detection Pack
Active OTX pulses reveal ClickFix, Argamal, and UAT-8302 campaigns. Urgent credential theft threats via social engineering and TDS.
ClickFix, LofyStealer, and JINX-0164: OTX Pulse Analysis on Emerging Infostealer & Supply Chain Threats
Active campaigns involving ClickFix, LofyStealer, and crypto-dev targeting JINX-0164. Includes supply chain attacks on npm packages. High urgency.
ClickFix, LofyStealer & JINX-0164: Multi-Vector Infostealer & Supply Chain Assault — OTX Pulse Analysis
OTX pulses flag aggressive infostealer campaigns (ClickFix, LofyStealer), NPM supply chain attacks (Shai-Hulud), and OAuth abuse (Kali365). Action now.
Supply Chain Assault & Credential Harvesting: ClickFix, LofyStealer, JINX-0164, Kali365, and Shai-Hulud Campaigns — Enterprise Detection Pack
Multiple credential theft campaigns targeting cloud infrastructure and users via supply chain, social engineering, and OAuth abuse. Critical urgency.
Critical Infostealer Surge: ClickFix, LofyStealer, and NPM Supply Chain Attacks Targeting Cloud & Gaming Sectors
Active campaigns exploit social engineering and npm supply chains (CastleStealer, Shai-Hulud) to harvest credentials and cloud keys. Urgent hunting required.
Multi-Vector Infostealer Surge: ClickFix, LofyStealer & npm Supply Chain Attacks — OTX Pulse Analysis
OTX pulses highlight active credential theft campaigns via ClickFix social engineering, LofyStealer game mods, and npm package compromise. High urgency.
ClickFix, Ghost Stadium & EtherHiding: Analysis of Multi-Vector Credential Theft Campaigns
Active infostealer campaigns (LofyStealer, Vidar, CastleStealer) target gaming, crypto, and sports sectors via social engineering and smart contract C2.
ClickFix, Ghost Stadium & JINX-0164: Multi-Vector Credential Harvesting Analysis
OTX pulses reveal active credential theft campaigns via ClickFix, Ghost Stadium, and blockchain C2. Urgent detection rules included.
Credential Harvesting Evolved: ClickFix, LofyStealer & Ghost Stadium Campaigns — OTX Pulse Analysis
Active infostealer campaigns (ClickFix, LofyStealer) using fake tools, gaming lures, and FIFA phishing to steal credentials; high urgency.
Infostealer Surge: ClickFix, Lumma, and JINX-0164 Targeting Crypto & Enterprise — OTX Pulse Analysis
Rise in infostealers (Lumma, Vidar, ClickFix) targeting crypto and enterprise. Immediate IOC blocking and credential audit advised.
Infostealer Surge: ClickFix, LofyStealer, and GHOST STADIUM Targeting Global Infrastructure
OTX Alert: Active infostealer campaigns (ClickFix, LofyStealer, JINX-0164) using smart contract C2s and social engineering targeting crypto & sports sectors.
ClickFix, JINX-0164 & GHOST STADIUM: Cross-Platform Infostealer & Blockchain C2 Campaigns — OTX Intel
Active ClickFix/LofyStealer & GHOST STADIUM campaigns stealing credentials via fake FIFA sites & smart contract C2s.
ClickFix, LofyStealer & GHOST STADIUM: Emerging Infostealer Ecosystems and C2 Innovations — OTX Pulse Analysis
OTX pulses expose active infostealer ecosystems: ClickFix, LofyStealer, and Ghost Stadium targeting corporate credentials and financial data.
ClickFix, LofyStealer & JINX-0164: Multi-Vector Credential Theft Campaign Analysis — OTX Pulse Intelligence Pack
Active credential theft campaigns targeting gamers, crypto developers, and World Cup attendees. Urgent IOC blocking recommended.
ClickFix, LofyStealer & EtherHiding: OTX Pulse Analysis — Multi-Vector Credential Theft Campaigns
Active infostealer surge (ClickFix, LofyStealer, Lumma) targeting gamers, crypto, and event attendees via social engineering and blockchain C2.
OTX Pulse Analysis: Laravel Supply Chain, LofyStealer & Crypto-Fraud Campaigns — Enterprise Detection Pack
Supply chain attacks (Laravel) and credential theft campaigns (LofyStealer, Lumma) target developers and crypto. Urgent IOC blocking required.
LofyStealer, JINX-0164 & GHOST STADIUM: Multi-Vector Infostealer Campaigns Targeting Crypto & Gaming
OTX Pulse: LofyStealer and JINX-0164 infostealers target gaming and crypto; supply chain attacks via Laravel and smart contracts used for C2.
Multi-Front Credential Theft: LofyStealer, JINX-0164, and Ghost Stadium Supply Chain Analysis
Urgent: Active infostealer campaigns targeting crypto, gaming, and sports sectors via supply chain compromise, blockchain C2, and phishing.
Showing 50 of 180 reports. Archive expands automatically as new intel is generated.
Every Credential Leaks Report Includes SIGMA & KQL Detection Rules
Every intelligence briefing on this page includes at least one Sigma rule, a Microsoft Sentinel KQL hunt query, and an IOC check script — ready to drop into your SIEM. No paywall. No registration.