: The group relies heavily on "stealer logs"—archives of credentials harvested by infostealers like Lumma or StealC. These logs are used to gain initial access to corporate Jira instances.
: Targeted infrastructure via Atlassian Jira vulnerabilities and credential theft. Recommendations If you have encountered this file: pdhellcat.rar
: Given Hellcat's reliance on Jira, organizations should audit Atlassian Jira accounts for unusual login activity. : The group relies heavily on "stealer logs"—archives