Chinese threat actor exploits credentials from password spray attacks
Microsoft identifies a rise in credential theft due to password spray attacks by a network of compromised devices, primarily targeting organizations in North America and Europe.
16 Chrome Extensions Hacked, Exposing Over 600,000 Users to Data Theft
A phishing campaign has compromised multiple Chrome extensions, exposing over 600,000 users to significant security risks.
LLMs could soon supercharge supply-chain attacks
Criminals are increasingly using stolen credentials to exploit existing LLMs for social engineering attacks, leading to significant supply chain threats.
Supply chain attacks could originate from LLM-generated spear phishing exploits by 2025 as attackers adapt quickly to new technologies.
Python package 'fabrice' steals AWS credentials
The 'fabrice' Python package deceives users by mimicking a legitimate library, endangering developers through credential theft and malicious operations.
Credential phishing attacks up over 700 percent
Credential theft attacks surged by 703% in the latter half of 2024, highlighting phishing as a critical cyber threat.
EMERALDWHALE operation highlights serious vulnerabilities in cloud security that need urgent addressing to protect against credential theft.
Chinese threat actor exploits credentials from password spray attacks
Microsoft identifies a rise in credential theft due to password spray attacks by a network of compromised devices, primarily targeting organizations in North America and Europe.
16 Chrome Extensions Hacked, Exposing Over 600,000 Users to Data Theft
A phishing campaign has compromised multiple Chrome extensions, exposing over 600,000 users to significant security risks.
LLMs could soon supercharge supply-chain attacks
Criminals are increasingly using stolen credentials to exploit existing LLMs for social engineering attacks, leading to significant supply chain threats.
Supply chain attacks could originate from LLM-generated spear phishing exploits by 2025 as attackers adapt quickly to new technologies.
Python package 'fabrice' steals AWS credentials
The 'fabrice' Python package deceives users by mimicking a legitimate library, endangering developers through credential theft and malicious operations.
Credential phishing attacks up over 700 percent
Credential theft attacks surged by 703% in the latter half of 2024, highlighting phishing as a critical cyber threat.
Sniper Dz facilitates phishing attacks and has over 140,000 active phishing websites, allowing cybercriminals, even those with little tech knowledge, to easily conduct scams.
Snowflake Users Targeted for Data Theft and Extortion
Financially motivated threat actor UNC5537 accessed data from 165 organizations' Snowflake instances using stolen credentials and sold data to cybercriminals for various malicious purposes.
Sniper Dz facilitates phishing attacks and has over 140,000 active phishing websites, allowing cybercriminals, even those with little tech knowledge, to easily conduct scams.
Snowflake Users Targeted for Data Theft and Extortion
Financially motivated threat actor UNC5537 accessed data from 165 organizations' Snowflake instances using stolen credentials and sold data to cybercriminals for various malicious purposes.
Facebook ads for this fake AI image editor were just an excuse to infect your PC with malware
Attackers exploit AI image editing tool popularity to distribute malware through fake applications on social media, stealing credentials and data for sale on the dark web.
Security leaders respond to a sophisticated SMS stealing campaign
Sophisticated SMS Stealer campaign discovered by Zimperium, with over 105,000 samples, posing risks of OTP interception, credential theft, and financial fraud.
Ticketmaster hacked in what's believed to be a spree hitting Snowflake customers
Snowflake accounts hacked due to stolen credentials and info-stealing malware, affecting multiple customers.