New Powerful Nullpoint-Stealer With Extensive Capabilities Hosted on GitHub

While the repository explicitly states the project is “built as a cybersecurity lab tool” for malware analysis practice, ethical hacking labs, blue team defense testing, and “understanding how modern stealers operate,” cybersecurity experts warn about the fine line between educational tools and actual malware. A sophisticated new information-stealing malware toolkit called “Nullpoint-Stealer” has recently been published on GitHub, raising concerns among cybersecurity professionals about its potential for misuse despite being labeled as an educational tool. According to its GitHub repository, the malware can extract a wide range of sensitive data, including passwords from Chromium-based browsers, cookies for session hijacking, bookmarks, autofill data, and browser history. The stealer, developed by GitHub user monroe31s, boasts extensive data harvesting capabilities designed to extract sensitive information from compromised systems. The stealer’s dashboard interface displays extensive analytics about stolen data, organized by country, operating system, browser type, blockchain information, and various online service credentials. Cybersecurity professionals urge extreme caution when encountering such tools, emphasizing that despite educational disclaimers, powerful data extraction capabilities present serious risks if misused. The malware’s capabilities extend to scanning for installed VPN clients to extract configuration files and login credentials, targeting gaming platforms including Steam, Epic Games, and Battle.net, and detecting cryptocurrency wallets such as Metamask, Exodus, and Atomic. Similar infostealers like KPot, Vidar, and Raccoon Stealer have been widely distributed through similar methods, highlighting how threat actors continue to refine their techniques for delivering credential-stealing malware. According to cybersecurity reports, information-stealing malware infected over 18 million devices last year, exposing and selling over 2.4 billion compromised credentials. The repository description notes that “Nullpoint-Stealer’s modular architecture makes it particularly concerning, as it allows attackers to easily add new stealing capabilities ” and emphasizes its “lightweight, fast execution with minimal dependencies”. The repository provides contact information through Telegram channels (NeverTrace and zerotraceofficial), raising additional concerns about potential support networks for users of this tool. Examining the project files reveals sophisticated coding techniques, including sound notifications when data is successfully exfiltrated.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 01 May 2025 11:10:06 +0000

Cyber News related to New Powerful Nullpoint-Stealer With Extensive Capabilities Hosted on GitHub

New Powerful Nullpoint-Stealer With Extensive Capabilities Hosted on GitHub - While the repository explicitly states the project is “built as a cybersecurity lab tool” for malware analysis practice, ethical hacking labs, blue team defense testing, and “understanding how modern stealers operate,” ...
1 month ago Cybersecuritynews.com

Tensorflow Supply Chain Compromise via Self-Hosted Runner Attack - Let's say TensorFlow wants to run a set of tests when a GitHub user submits a pull request. TensorFlow can define these tests in a yaml workflow file, used by GitHub Actions, and configure the workflow to run on the `pull request` trigger. One type ...
1 year ago Securityboulevard.com

GitHub, PyTorch and More Organizations Found Vulnerable to Self-Hosted Runner Attacks - Last July, we published an article exploring the dangers of vulnerable self-hosted runners and how they can lead to severe software supply chain attacks. GitHub itself was found vulnerable, as well as various notable organizations, such as PyTorch, ...
1 year ago Securityboulevard.com

15 PostgreSQL Monitoring Tools - 2025 - What is Good?What Could Be Better?Monitoring application performance, user experience, and errors.Some users find the pricing high, especially for larger environments.Continuous server, database, and infrastructure monitoring.The extensive feature ...
1 month ago Cybersecuritynews.com

New Germlin Stealer Advertised on Hacker Forums Steals Credit Card Data & Login Credentials - Cyber Security News - For credit card data theft, Gremlin Stealer employs specialized functions that target stored payment information across multiple browsers. First spotted being advertised on underground forums and Telegram channels, Gremlin Stealer represents a ...
1 month ago Cybersecuritynews.com

RedLine Stealer Malware Deployed Via ScrubCrypt Evasion Tool - A new version of the ScrubCrypt obfuscation tool is being used to target organizations with the RedLine Stealer malware, fraud sensor network Human Security has warned. Human's Satori Threat Intelligence Team said it has uncovered the new build of ...
1 year ago Infosecurity-magazine.com

Rhadamanthys Stealer malware evolves with more powerful features - The developers of the Rhadamanthys information-stealing malware have recently released two major versions to add improvements and enhancements across the board, including new stealing capabilities and enhanced evasion. Rhadamanthys is a C++ ...
1 year ago Bleepingcomputer.com

'Ov3r Stealer' Malware Spreads Through Facebook to Steal Crates of Info - The malware by design exfiltrates specific types of data such as geolocation, hardware info, passwords, cookies, credit card information, auto-fills, browser extensions, crypto wallets, Office documents, and antivirus product information, according ...
1 year ago Darkreading.com

Facebook ads push new Ov3r Stealer password-stealing malware - A new password-stealing malware named Ov3r Stealer is spreading through fake job advertisements on Facebook, aiming to steal account credentials and cryptocurrency. The fake job ads are for management positions and lead users to a Discord URL where a ...
1 year ago Bleepingcomputer.com

Securing the code: navigating code and GitHub secrets scanning - Enter the world of GitHub secrets scanning tools, the vigilant sentinels of your digital gala. Secrets scanning in GitHub is anchored by two fundamental strategies: proactive prevention and reactive detection, each serving a critical function in ...
1 year ago Securityboulevard.com

New Rhadamanthys stealer version enhances features, evasion - The developers of the Rhadamanthys information-stealing malware have recently released two major versions to add improvements and enhancements across the board, including new stealing capabilities and enhanced evasion. Rhadamanthys is a C++ ...
1 year ago Bleepingcomputer.com

New Android Malware 'Salvador Stealer' That Phish & Steals Your Banking Details & OTPs - Cybersecurity researchers have discovered a sophisticated new Android malware called “Salvador Stealer” that targets banking credentials and one-time passwords (OTPs) through an elaborate phishing scheme. Once active, Salvador Stealer ...
2 months ago Cybersecuritynews.com

Fake Browser Updates Targeting Mac Systems With Infostealer - A widely popular social engineering campaign previously only targeting Windows systems has expanded and is now using fake browser updates to distribute Atomic Stealer, a dangerous information stealer, to macOS systems. Experts say this could be the ...
1 year ago Darkreading.com

Sophisticated macOS Infostealers Get Past Apple's Built-In Detection - Increasingly sophisticated infostealers are targeting macOS with the capability to evade Apple's built-in malware protection, as attackers are becoming more savvy about how to crack static signature-detection engines like the platform's proprietary ...
1 year ago Darkreading.com Hunters

Top 30 Best Penetration Testing Tools - 2025 - The tool supports various protocols and offers advanced filtering and analysis capabilities, making it ideal for diagnosing network issues, investigating security incidents, and understanding complex network interactions during penetration testing. ...
2 months ago Cybersecuritynews.com

Titan Stealer: A New Golang-Based Information Stealer Malware Emerges - A new Golang-based information stealer malware, dubbed Titan Stealer, is being advertised by threat actors through their Telegram channel. Uptycs security researchers Karthickkumar Kathiresan and Shilpesh Trivedi first documented the malware in ...
2 years ago Thehackernews.com

MacOS info-stealers quickly evolve to evade XProtect detection - Multiple information stealers for the macOS platform have demonstrated the capability to evade detection even when security companies follow and report about new variants frequently. A report by SentinelOne highlights the problem through three ...
1 year ago Bleepingcomputer.com

Fake AI video generators drop new Noodlophile infostealer malware - Noodlophile is a new information stealer malware that targets data stored on web browsers like account credentials, session cookies, tokens, and cryptocurrency wallet files. Previously undocumented in public malware trackers or reports, this stealer ...
1 month ago Bleepingcomputer.com

GitHub code-signing certificates stolen - Another day, another access-token-based database breach. This time, the victim is Microsoft's GitHub business. On December 6, 2022, repositories from our atom, desktop, and other deprecated GitHub-owned organizations were cloned by a compromised ...
2 years ago Nakedsecurity.sophos.com

Serpent Stealer Acquire Browser Passwords and Erases Logs - Beneath the surface of the cyber realm, a silent menace emerges-crafted with the precision of the. NET framework, the Serpent Stealer slithers undetected through security measures, leaving traces of its intrusion. It can also steal sensitive data, ...
1 year ago Gbhackers.com

ESET Threat Report: ChatGPT Name Abuses, Lumma Stealer Malware Increases, Android SpinOk SDK Spyware's Prevalence - Cybersecurity company ESET released its H2 2023 threat report, and we're highlighting three particularly interesting topics in it: the abuse of the ChatGPT name by cybercriminals, the rise of the Lumma Stealer malware and the Android SpinOk SDK ...
1 year ago Techrepublic.com

Deceptive Cracked Software Spreads Lumma Variant on YouTube - FortiGuard Labs recently discovered a threat group using YouTube channels to distribute a Lumma Stealer variant. These YouTube videos typically feature content related to cracked applications, presenting users with similar installation guides and ...
1 year ago Feeds.fortinet.com

Lumma Stealer Evolves with New PowerShell Tools & Advanced Techniques - “The variations we saw in Lumma Stealer behavior are significant to defenders,” noted the Sophos Managed Detection and Response team in their report, emphasizing that these delivery techniques could easily be adapted for other malware ...
1 month ago Cybersecuritynews.com Kimsuky

New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise - A newly disclosed class of CI/CD attacks could have allowed attackers to inject malicious code into the PyTorch repository, leading to massive supply chain compromise, Praetorian security researcher John Stawinski says. Initially detailed in December ...
1 year ago Securityweek.com

Arcane Stealer Via YouTube Videos Steal Data From Network Utilities Including VPN & FileZilla - Security experts advise users to be extremely cautious when downloading supposed game cheats or cracks from YouTube videos, particularly those that require extracting password-protected archives or running batch files. The malware, discovered in late ...
3 months ago Cybersecuritynews.com