{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreibvxlsvgrlbxbxoqcoohsbu5ba2kprlckewbmp5iy5h77squt6ajy",
    "uri": "at://did:plc:z3a345rn6njmxg2o5lxmj3en/app.bsky.feed.post/3mewyg5ht6652"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreicfazllk5vs3btosnlm3kxmnbnrcq7uukxq5zllukljt2jqeuskju"
    },
    "mimeType": "image/jpeg",
    "size": 225560
  },
  "path": "/news/security/ctm360-lumma-stealer-and-ninja-browser-malware-campaign-abusing-google-groups/",
  "publishedAt": "2026-02-15T16:30:41.000Z",
  "site": "https://www.bleepingcomputer.com",
  "tags": [
    "Security"
  ],
  "textContent": "CTM360 reports 4,000+ malicious Google Groups and 3,500+ Google-hosted URLs used to spread the Lumma Stealer infostealing malware and a trojanized \"Ninja Browser.\" The report details how attackers abuse trusted Google services to steal credentials and maintain persistence across Windows and Linux systems. [...]",
  "title": "CTM360: Lumma Stealer and Ninja Browser malware campaign abusing Google Groups"
}