An ongoing campaign is targeting Facebook Business accounts with bogus messages to harvest victims’ credentials using a variant of the Python-basedNodeStealerand potentially take over their accounts for follow-on malicious activities. “The attacks are reaching victims mainly in Southern Europe and North America across different segments, led by the manufacturing services and technology