Researchers say credential-stealing campaign used AI to build evasion ‘at every stage’

Monday, March 30, 2026 at 06:28 PM UTC·Source: CyberScoop

Updated: Wednesday, April 1, 2026 at 07:13 PM UTC

Executive Summary

DeepLoad logs keystrokes, buries details behind reams of AI-generated code, and re-infect hosts days after being blocked, according to ReliaQuest. The post Researchers say credential-stealing campaign used AI to build evasion ‘at every stage’ appeared first on CyberScoop .

Analysis

Source Attribution

Originally published by CyberScoop on Mar 30, 2026.

Related Threats

MEDIUMMalware

Claude Code leak used to push infostealer malware on GitHub

Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware. [...]

8h agoBleepingComputer

MEDIUMMalware

Bank Trojan 'Casbaneiro' Worms Through Latin America

Augmented Marauder's multipronged banking-Trojan cyber campaigns are targeting Spanish speakers, evading detection, and replicating rapidly.

16h agoDark Reading

MEDIUMMalware

GitHub Used as Covert Channel in Multi-Stage Malware Campaign

LNK files use GitHub C2, embedded decoders and PowerShell for persistence and data exfiltration

16h agoInfosecurity Magazine

Command Palette

Researchers say credential-stealing campaign used AI to build evasion ‘at every stage’

Executive Summary

Analysis

Related Threats

Claude Code leak used to push infostealer malware on GitHub

Bank Trojan 'Casbaneiro' Worms Through Latin America

GitHub Used as Covert Channel in Multi-Stage Malware Campaign