the all-around
infostealer hub.

By [Alon Gal] | March 2025 Another colossal breach fueled by infostealer malware, and this time, it’s Samsung in the crosshairs. A hacker going by the alias “GHNA” has dumped a staggering 270,000 customer tickets from Samsung Germany online, completely free of charge. The data, which appears to be sourced from samsung-shop.spectos.com, didn’t come from some sophisticated zero-day exploit or insider

By [Alon Gal] | March 2025 StreamElements, a popular cloud-based streaming platform, has confirmed a significant data breach involving a third-party service provider, following reports of stolen data being offered for sale on a hacking forum. The breach, which potentially impacts over 100,000 individuals, exposed sensitive information including names, addresses, phone numbers, and emails. New details from Hudson Rock confirm that

In yet another reminder of the dangers posed by infostealer malware, the emerging Arkana ransomware group has claimed responsibility for a massive breach of WideOpenWest (WOW!), one of the largest Internet Service Providers (ISPs) in the United States. The attack, which Hudson Rock researchers trace its origins to an infostealer infection back in September 2024, has allegedly compromised over 403,000

🔊 *Hudson Rock* is back with a new podcast episode! In this episode, Leonid Rozenberg, cybercrime and threat intelligence researcher, speaks with Kevin Poireault from Infosecurity Magazine Magazine about the Infostealer landscape in 2025. While Infostealers are still harvesting passwords and cookies, Leonid dives into additional malware features such as: 🔹 File-grabbing module🔹 Credit card theft🔹 Android APK-related data This

By [Alon Gal] | March 2025 In a repeat of a now-familiar playbook, the HELLCAT ransomware group has claimed responsibility for a massive data breach targeting Jaguar Land Rover (JLR), leaking gigabytes of sensitive information including proprietary documents, source codes, and employee and partner data. The breach, executed by a threat actor known as “Rey,” mirrors a pattern of attacks Hudson

In early December 2024, Microsoft Threat Intelligence detected a large-scale malvertising campaign that impacted nearly one million devices globally in an opportunistic attack to steal information. The attack originated from illegal streaming websites embedded with malvertising redirectors, leading to an intermediary website where the user was then redirected to GitHub and two other platforms. The campaign impacted a wide range