Hacking news

Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations

on January 18, 2026

The Hacker News

Cybersecurity researchers have disclosed a cross-site scripting (XSS) vulnerability in the web-based control panel used by operators of the StealC information stealer, allowing them to gather crucial insights on one of the threat actors using the malware in their operations. "By exploiting it, we were able to collect system fingerprints, monitor active sessions, and – in a twist that will

More From Author

Hacking news

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

April 3, 2026

The Hacker News

Hacking news

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

April 3, 2026

The Hacker News

Hacking news

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

April 2, 2026

The Hacker News

Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations

More From Author

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

On the Coming Industrialisation of Exploit Generation with LLMs

CrashFix Chrome Extension Delivers ModeloRAT Using ClickFix-Style Browser Crash Lures

Leave a Reply Cancel reply