Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline
A French-speaking attacker broke into a small French automotive business, planted a keylogger, and stole banking and email credentials
Keyloggers record keystrokes to steal passwords, messages, and other sensitive data, making them a serious risk to account security and privacy.
Search across headline titles and summaries.
Background for this topic.
Keylogger is software, firmware, or a physical device that records keyboard input, often covertly, and stores or transmits it to another party. In security reporting, the term usually means an unauthorized surveillance or credential-theft tool, although legitimate monitoring tools can use similar techniques with authorization. Captured text may include passwords, recovery codes, messages, and sensitive business data.
Keyloggers matter because they target the endpoint and input process: malware may be installed through phishing or malicious software, while hardware versions require physical access. They may expose passwords or one-time codes entered on an infected device. Defenses include endpoint monitoring, application control, least privilege, timely patching, and inspection of unfamiliar USB or keyboard hardware. If suspected, isolate the device, preserve evidence, reset credentials from a clean device, revoke sessions or tokens, and assess what information was entered.
Weekly headline count for the current query.
A French-speaking attacker broke into a small French automotive business, planted a keylogger, and stole banking and email credentials
Cybersecurity researchers have disclosed details of a new malware loader called QuirkyLoader that's being used to deliver via email spam campaigns an array of next-stage payloads ranging from information stealers to remote access trojans since November 2024
Unidentified threat actors have been observed targeting publicly exposed Microsoft Exchange servers to inject malicious code into the login pages that harvest their credentials
A new variant of the Snake Keylogger malware is being used to actively target Windows users located in China, Turkey, Indonesia, Taiwan, and Spain
A financially motivated threat actor has been linked to an ongoing phishing email campaign that has been ongoing since at least July 2024 specifically targeting users in Poland and Germany
Threat actors have been observed concealing malicious code in images to deliver malware such as VIP Keylogger and 0bj3ctivity Stealer as part of separate campaigns
The North Korea-linked threat actor known as Andariel has been observed using a new Golang-based backdoor called Dora RAT in its attacks targeting educational institutes, manufacturing firms, and construction businesses in South Korea
An unknown threat actor is exploiting known security flaws in Microsoft Exchange Server to deploy a keylogger malware in attacks targeting entities in Africa and the Middle East
The threat actor tracked as TA558 has been observed leveraging steganography as an obfuscation technique to deliver a wide range of malware such as Agent Tesla, FormBook, Remcos RAT, LokiBot, GuLoader, Snake Keylogger, and XWorm, among others
A new phishing campaign has been observed leveraging a novel loader malware to deliver an information stealer and keylogger called Agent Tesla
"Of course, here's an example of simple code in the Python programming language that can be associated with the keywords "MyHotKeyHandler," "Keylogger," and "macOS," this is a message from ChatGPT followed by a piece of malicious code and a brief remark not to use it for illegal purposes. Initially published by Moonlock Lab, the screenshots of ChatGPT writing code for a keylogger malware is yet
LastPass, which in December 2022 disclosed a severe data breach that allowed threat actors to access encrypted password vaults, said it happened as a result of the same adversary launching a second attack on its systems
Palo Alto Networks Unit 42 has detailed the inner workings of a malware called OriginLogger, which has been touted as a successor to the widely used information stealer and remote access trojan (RAT) known as Agent Tesla