Researchers Exploit XSS Flaw in StealC Malware Control Panel to Spy on Cybercriminals

Cybersecurity researchers exploited a cross-site scripting (XSS) vulnerability in the web control panel used by operators of the StealC malware, an info-stealer. This flaw allowed them to monitor active sessions and gather information about the attackers' hardware. The article does not specify an exact date, but the incident reveals a weakness in the malware's command-and-control (C2) infrastructure. No direct impact on StealC victims is mentioned; only the surveillance of cybercriminals' activities is reported.