PureLogs infostealer is stealing credentials worldwide (opens in new tab)

A phishing campaign is smuggling the powerful PureLogs information stealer onto targets’ Windows machines by hiding encrypted malicious payloads inside cat photos, Fortinet researchers discovered. The attack The attack starts with a phishing email containing a TXZ archive and using an invoice-themed lure to pressure the victim into opening it quickly: The phishing email carrying the malicious TXZ archive (Source: Fortinet) The extracted JavaScript stores malicious commands in process environm...