is one of the most common "commodity" infostealers, designed to harvest form submissions and browser credentials. It is prized by attackers for its stealth and its ability to feed large-scale credential-resale markets on the dark web. 8. PhoneSpy
A veteran "Remote Access Trojan" (RAT) and infostealer, specializes in keylogging and stealing credentials from browsers and clipboards. It is frequently delivered via invoice-themed phishing emails targeting small-to-mid-sized businesses. 4. AMOS (Atomic macOS Stealer) The Top 10 Spyware and Adware Threats
A leading threat for Mac users in 2026, is an infostealer that targets browser data, crypto wallets, and system files. Recent "ClickFix" campaigns have specifically targeted users of AI coding tools like Claude Code by tricking them into running malicious scripts. 5. FinSpy (FinFisher) is one of the most common "commodity" infostealers,
Pegasus remains the most high-profile "mercenary" spyware, capable of infecting iOS and Android devices without any user interaction ("zero-click"). It can record calls, read encrypted messages, and activate cameras. In 2026, it continues to face legal and political scrutiny, with high-profile cases like the into infections on the Prime Minister's phone being a major focus of international concern. 2. DarkSword PhoneSpy A veteran "Remote Access Trojan" (RAT) and
Uncovered in early 2026, DarkSword is an advanced found on compromised Ukrainian government and news websites. It operates as a "watering hole," silently siphoning iCloud Keychain passwords, iMessages, and cryptocurrency wallet data from unpatched devices. 3. Agent Tesla