June 25, 2026

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

In this article The role of infostealers: From credential theft to intrusion StealC: Infostealer for rent Amadey: Malware-as-a-service for delivery of infostealers Defending against StealC and […]
June 18, 2026

From package to postinstall payload: Inside the Mastra npm supply chain compromise

In this article Attack chain overview Discovery and initial indicators Dependency injection: the poisoned package.json Typosquat analysis: easy-day-js Staged delivery pattern Obfuscation and payload analysis TLS […]