Credential Theft - Cybersec Sentinel

Credential Theft

A collection of 6 posts

GlassWorm Exploits Trust in Open Source Ecosystems

GlassWorm Exploits Trust in Open Source Ecosystems

Threat Group – Unattributed Threat Type – Supply chain malware, infostealer, credential theft Exploited Vulnerabilities – No CVE assigned. Abuse of trusted package registries, compromised publisher access, stolen developer credentials, invisible Unicode obfuscation, and extension dependency abuse Malware Used – GlassWorm loader and follow on JavaScript based payloads Threat Score – 8.7 🔥 Critical Last

VodkaStealer Malware Harvests Browser Credentials and Session Token

VodkaStealer Malware Harvests Browser Credentials and Session Token

Threat Group – Unidentified financially motivated threat actor associated with the ClickFix WordPress compromise campaign Threat Type – Information Stealer Exploited Vulnerabilities – ClickFix social engineering using compromised WordPress sites and fake Cloudflare verification prompts Malware Used – VodkaStealer, DoubleDonut loader, ChromElevator Threat Score – 🔴 7.6 High – Advanced credential harvesting malware delivered through large

What Is Moonrise RAT and Why It Poses a Serious Risk

What Is Moonrise RAT and Why It Poses a Serious Risk

Threat Group – Unattributed Threat Type – Remote Access Trojan Exploited Vulnerabilities – No confirmed CVEs. Delivery aligned with user execution and social engineering techniques Malware Used – Moonrise RAT Threat Score – 7.8 🔴 High. Enables interactive remote control, credential theft, surveillance, and persistence with low early static detection which increases dwell time and

Evelyn Stealer and the rising risk of developer tool supply chain attacks

Evelyn Stealer and the rising risk of developer tool supply chain attacks

Threat Group: Unknown cybercriminal operators leveraging developer tooling supply chains Threat Type: Information stealer malware delivered via malicious development extensions Exploited Vulnerabilities: Abuse of the Visual Studio Code extension trust model, DLL side loading, PowerShell execution policy misuse, Windows process hollowing Malware Used: Evelyn Stealer, Lightshot.dll downloader, iknowyou.model

VVS Stealer highlights the rising danger of Discord focused infostealers

VVS Stealer highlights the rising danger of Discord focused infostealers

Threat Group – Unknown Threat Type – Information Stealer Exploited Vulnerabilities – None publicly identified Malware Used – VVS Stealer Threat Score – 7.3 🔴 High Last Threat Observation – 6 January 2026 Overview The cybersecurity environment of late 2025 and early 2026 has been shaped by the rapid commoditisation of advanced evasion techniques. VVS Stealer

Xillen Stealer v5 Advanced Credential Theft and Loader Platform

Xillen Stealer v5 Advanced Credential Theft and Loader Platform

Threat Group – Xillen Killers Threat Type – Information stealer and loader operating under a Malware as a Service model Exploited Vulnerabilities – Social engineering and opportunistic scanning for unpatched versions of Cisco AnyConnect, OpenVPN, FortiClient and Pulse Secure in order to access cached credentials Malware Used – Xillen Stealer version five using a