StealC web-based control panel XSS cross-site scripting flaw
Vulnerability
Summary
Researchers disclosed a cross-site scripting (XSS) flaw in the StealC web-based control panel that exposed session cookies and system fingerprints. The bug mattered because it allowed the operators' own infrastructure to be inspected and abused, creating a risk of cookie theft and session monitoring. The disclosure was published last week and helped reveal details about the threat-actor environment.
Related Happenings
YouTubeTA StealC malware campaign against cracked-Adobe seekers in 2025
Campaign
First: 16.01.2026 23:00
Last: 16.01.2026 23:00
Sources 1
About this happening:
The **YouTubeTA** operation ran **malware campaigns throughout 2025**, turning **cracked Adobe Photoshop and Adobe After Effects** searches into a large-scale **credential theft**...
Desktop Window Manager actively exploited information disclosure (CVE-2026-20805)
Vulnerability
First: 13.01.2026 20:34
Last: 13.01.2026 20:34
Sources 1
About this happening:
Microsoft patched **CVE-2026-20805**, an **actively exploited** information disclosure flaw in **Desktop Window Manager** that can expose sensitive memory information locally. The...
Timeline
19.01.2026 08:53 2 articles · 4mo ago
CyberArk discloses StealC panel XSS flaw
Initial Disclosure
CyberArk disclosed a cross-site scripting (XSS) vulnerability in the web-based StealC control panel that let researchers steal cookies, monitor active sessions, and collect system fingerprints from StealC operators. The disclosure also identified a StealC customer named YouTubeTA using YouTube to promote cracked Adobe Photoshop and Adobe After Effects lures, accumulating over 5,000 logs with 390,000 stolen passwords and more than 30 million stolen cookies, and noted that the actor's real IP was exposed around mid-July 2025 after a VPN lapse.
Sources
- Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations — thehackernews.com — 19.01.2026 08:53