Remote‑Work Credential Stealers Surge; Browser Payloads Evolve, Endpoint Defenses Tested

Malwarebytes’ weekly threat roundup for March 16‑22 reveals a sharp uptick in credential‑stealing tools specifically targeting remote‑work setups. Actors are deploying phishing‑laced documents and malicious VPN add‑ons to harvest usernames, passwords, and MFA tokens, then exfiltrate them to command‑and‑control servers. At the same time, we’re seeing a wave of modified browser payloads that embed malicious JavaScript in seemingly benign extensions, bypassing traditional URL filtering and delivering ransomware or information stealers directly to the user’s browser session.

The report also benchmarks detection rates across the top endpoint security suites, highlighting gaps where several products missed up to 30% of the new payload variants. Defenders should prioritize tightening remote‑access controls, enforcing MFA, and ensuring endpoint agents are updated with the latest signatures. Additionally, scrutinize browser extension policies, deploy web‑gateway inspection for encrypted traffic, and consider supplemental behavioral analytics to catch these evolving threats before they compromise critical assets.

Categories: Malware & Ransomware, Threat Intelligence