Researchers Discover XSS Vulnerability in StealC Malware Control Panel

Cybersecurity researchers have identified a cross-site scripting (XSS) vulnerability in the web control panel used by operators of the StealC malware, an information stealer. Exploiting this flaw allowed the collection of system fingerprints, monitoring of active sessions, and gathering of information about a malicious actor's activities. No specific date or additional technical details (such as a CVE identifier) are mentioned. The impact is limited to the collection of operational data on the attackers. Source: https://thehackernews.com/2026/01/security-bug-in-stealc-malware-panel.html