Cybersecurity researcher Saurabh identified suspicious code within the React2shell-scanner script, revealing a hidden payload designed to execute mshta.exe and download a secondary malware stage from py-installer.cc.
Threat actors have used malicious ISO files to deliver the Phantom Stealer malware to finance, accounting, and payment firms, as well as small and medium-sized enterprises in Russia as part of an advanced phishing campaign, reports Cyber Security News.
More sophisticated JSCEAL malware emerges

Improved anti-analysis methods and a more robust command-and-control infrastructure have been embedded in an upgraded version of the JSCEAL information-stealing malware in use since August, according to GBHackers News.