Malvertising Campaign Spreads AMOS ‘malext’ macOS Infostealer via Fake Text-Sharing Ads

A large-scale malvertising operation targets macOS users with fake Google Ads leading to malicious text-sharing sites. These lures deliver the AMOS infostealer variant, dubbed “malext,” which steals sensitive data such as browser credentials and crypto wallets. Suspicious password prompts halted…

Angular i18n Flaw Lets Hackers Execute Malicious Code via Critical XSS Vulnerability

A high-severity security flaw has been discovered in Angular, one of the most popular web application frameworks. This vulnerability, tracked as CVE-2026-27970, affects the framework’s internationalization (i18n) pipeline. If exploited, it allows attackers to execute malicious code within an application,…

AuraStealer Infostealer Targeting Users with 48 C2 Domains in Ongoing Campaigns

Threat actors are actively deploying a new infostealer dubbed “AuraStealer,” backed by a growing customer base, 48 identified command‑and‑control (C2) domains, and multiple ongoing campaigns abusing popular platforms like TikTok and cracked‑software sites. AuraStealer emerged on Russian‑language cybercrime forums in…