Dissecting a new malspam chain delivering Purelogs infostealer

The AISI Research Center’s Cybersecurity Observatory publishes the report “Dissecting a new malspam chain delivering Purelogs infostealer” – November 25, 2025.

Organizational and personal security remains under constant threat from increasingly sophisticated attack vectors, with malspam continuing to represent one of the most widespread and effective initial infection vectors for distributing malware on a large scale. Despite advances in endpoint protection technologies, malicious campaigns effectively exploit human urgency, curiosity, and trust, often masquerading as legitimate communications, security alerts, or financial documents.

Malspam tactics often involve using ‘weaponized’ Office documents, embedded OLE objects, and complex exploit chains, all sustained by a sophisticated underground criminal ecosystem. A recent manifestation of this threat is the deployment of the Purelogs infostealer, which has targeted users globally, including those in Italy. This specific campaign was analyzed in a report titled “Dissecting a new malspam chain delivering Purelogs infostealer,” published on November 25, 2025, by the Cybersecurity Observatory of the AISI Research Center (Centro di Ricerca AISI) at Unipegaso University. To effectively counter these threats, organizations must implement robust security measures, including Multi-Factor Authentication (MFA) for email account access, requiring telephone verification or double confirmation for high-value payments, and ensuring continuous employee training on phishing and social engineering techniques.

Enjoy the report.

Pierluigi Paganini

(SecurityAffairs – hacking, malspam)
