Your Browser is Not a Safe Space

This blog-style technical report describes analysis of millions of records of stealer malware exfiltration (browser credentials, cookies, screenshots, system info) obtained and searched by a red team; it recounts a specific case where browser-synced credentials exposed corporate access, discusses how stealers are distributed and sold, and recommends mitigations including disabling browser credential storage, using password managers, user education, and monitoring for credential abuse.