Researchers have warned against the increased use of free-to-use browser automation frameworks by attackers that can be abused in malicious activities. Researchers observed C2 IP addresses linked with malware such as BlackGuard, Bumblebee, and RedLine Stealer communicating with the subdomain of Bablosoft. Organizations are recommended to implement unique passwords and stop users from using compromised credentials.