Securonix uncovers the Veil#Drop malware framework, which abuses compromised websites and Google Blogspot to deploy the PureLog information stealer.
Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.