Security researchers have identified a new variant of the Stealit malware that exploits Node.js extensions to target Windows systems. This malware uses the Single Executable Application functionality to distribute malicious payloads, marking a shift from previous versions that relied on the Electron framework. Distributed through file-sharing platforms and disguised as game installers, Stealit operates as a sophisticated Malware-as-a-Service, offering extensive capabilities like remote access, real-time surveillance, and data theft from popular applications. Its use of advanced evasion techniques makes detection challenging, underscoring the growing threat of cybercrime that is increasingly commercialized and adaptable, posing significant risks to cybersecurity across multiple sectors.