A threat actor is targeting banks and other high-value organizations in a phishing campaign to deliver Phantom Stealer, a credential and session-stealing malware designed to evade conventional endpoint defenses. What makes the campaign concerning, according to researchers at Fortra, is the adversary's use of heavily obfuscated, fileless techniques to complicate detection and enable the malware to execute largely in memory.[1] "The actor's primary objective is the silent theft of browser creden
