A Python-based infostealer is being tracked as a focused grab for browser logins, Telegram sessions, screenshots, clipboard data, and crypto material - a reminder that one endpoint can hold many forms of usable trust.
A reported malicious npm package, terminal-logger-utils, is described as a dropper that fetches a second-stage Node.js payload and targets developer secrets such as SSH keys, Telegram sessions, wallets, and environment variables.