Vendor
Information-stealing malware such as Phantom Stealer targets WinSCP's security configuration folder to harvest sensitive SSH and FTP credentials, leading to unauthorized access to remote systems and potential lateral movement.