Threat Alert: Malicious "injector.zip" Delivering XWorm and Data Stealers April 28, 2026

Security researchers have identified a rising campaign distributing malicious payloads packaged as . These ZIP files, when extracted and executed, trigger a multi-stage infection aimed at stealing browser data, cryptocurrency wallets, and system information. 1. What is in "injector.zip"?

(SHA256) of recent "injector.zip" variants if you have a suspected file. List known C2 IP addresses associated with these campaigns.

Ensure you can see the true file extension (e.g., file.zip.exe instead of just file.zip ).

Malvor Script's Injector.zip Instant

Threat Alert: Malicious "injector.zip" Delivering XWorm and Data Stealers April 28, 2026

(SHA256) of recent "injector.zip" variants if you have a suspected file. List known C2 IP addresses associated with these campaigns. Threat Alert: Malicious "injector

Ensure you can see the true file extension (e.g., file.zip.exe instead of just file.zip ). when extracted and executed