Find notable cyber news and cases, enriched with sources, timelines, and signals.

Venom Stealer MaaS continuous credential theft and exfiltration

Malware Activity
First reported
Last updated
Happening score
H score 29
1 unique sources, 1 articles

Summary

Hide ▲

The Venom Stealer malware-as-a-service platform has been identified as a credential-theft threat that keeps exfiltrating data after infection, extending the window for account takeover and crypto theft. It folds ClickFix social engineering into its operator panel so attackers can automate the path from lure to data theft. The malware targets Chromium and Firefox-based browsers for saved passwords, session cookies, autofill data, browsing history, and wallet information. The platform is also sold on cybercrime networks and was described as actively maintained with multiple updates in March 2026.

Related Happenings

ClickFix mitigation guidance for Windows and macOS

Defensive Guidance
H score34 First: 30.06.2026 15:00 Last: 30.06.2026 15:00 Sources 1

About this happening: Organizations are being urged to harden defenses against **ClickFix** on **Windows** and **macOS**, reducing the chance that social-engineering lures can turn trusted dialogs into...

Search for perplexity ai malicious Chrome extension

Malware Activity
H score29 First: 29.06.2026 21:40 Last: 29.06.2026 21:40 Sources 1

About this happening: A malicious **Chrome extension** named **Search for perplexity ai** impersonated **Perplexity AI** while **intercepting search traffic** and collecting **browsing information** th...

Hotel and hospitality photo-ZIP phishing campaign

Campaign
H score40 First: 26.06.2026 12:27 Last: 26.06.2026 12:27 Sources 1

About this happening: An **active phishing campaign** is targeting **hotel and hospitality organizations** across **Europe and Asia**, increasing the risk of **front-desk machine compromise** and durab...

MacOS ClickFix Terminal-delivered DMG campaign

Campaign
H score37 First: 23.06.2026 21:30 Last: 23.06.2026 21:30 Sources 1

About this happening: A **macOS ClickFix campaign** is using **fake CAPTCHA pages** and **Terminal commands** to quietly download and launch malicious **DMG files**, putting **Mac devices** at risk of...

USB-spreading clipboard-stealing malware targeting cryptocurrency wallets

Malware Activity
H score27 First: 18.06.2026 19:20 Last: 18.06.2026 19:20 Sources 1

About this happening: A **USB-spreading** clipboard-stealing malware family is actively stealing **seed phrases**, **private keys**, and wallet addresses from **Windows** victims, putting cryptocurrenc...

Timeline

  1. 31.03.2026 03:00 2 articles · 3mo ago

    BlackFog identifies Venom Stealer MaaS

    Initial Disclosure

    BlackFog researchers identify Venom Stealer, a malware-as-a-service platform sold on cybercrime networks that integrates ClickFix social engineering into its operator panel, automates credential theft and continuous data exfiltration, and steals saved passwords, session cookies, browsing history, autofill data and cryptocurrency wallet information from Chromium and Firefox-based browsers while continuously monitoring Chrome's login database for newly saved credentials.

    Show sources