Tag: login
-
FortiBleed Exposes Global Credential-Spraying Operation
FortiBleed exposed a massive campaign that made billions of login attempts against Fortinet VPNs, compromising organizations worldwide. FortiBleed wasn’t a targeted hack. It was a factory. A multi-operator crew ran an industrial-scale attack against Fortinet FortiGate SSL VPN devices worldwide, and security researcher Volodymyr >>Bob<< Diachenko of SecurityDiscovery.com caught them only because they left their…
-
FortiBleed Exposes Global Credential-Spraying Operation
FortiBleed exposed a massive campaign that made billions of login attempts against Fortinet VPNs, compromising organizations worldwide. FortiBleed wasn’t a targeted hack. It was a factory. A multi-operator crew ran an industrial-scale attack against Fortinet FortiGate SSL VPN devices worldwide, and security researcher Volodymyr >>Bob<< Diachenko of SecurityDiscovery.com caught them only because they left their…
-
Peter Thiel ‘s Secret Society Leak Creates a Perfect Target List for Espionage, Influence Operations, and Blackmail
A simple website flaw exposed members, political profiles, login tokens, and dating data from Peter Thiel ‘s secretive Dialog network. Dialog, a private invitation-only organization cofounded in 2006 by billionaire tech investor Peter Thiel, has spent two decades refusing to disclose its membership. That position became harder to maintain last week when Swiss hacktivist maia…
-
24B Records Exposed in Massive Leak of Emails, Passwords, and Login Data
Cybernews researchers found an exposed database with 24 billion credential records, raising fresh risks from password reuse and credential stuffing. The post 24B Records Exposed in Massive Leak of Emails, Passwords, and Login Data appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-24-billion-credential-records-exposed-database/
-
Cyberangriffe auf Urlauber 2026: Gefälschte Booking-, Airbnb- und Reise-Webseiten nehmen zu
Das Ziel dieser Kampagnen ist klar: Cyberkriminelle wollen mit möglichst echt aussehenden Webseiten Reisende auf gefälschte Buchungs- oder Login-Seiten locken. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/cyberangriffe-auf-urlauber-2026-gefaelschte-booking-airbnb-und-reise-webseiten-nehmen-zu/a45541/
-
Rokarolla Trojan Combines Banking Fraud With Device Surveillance
Rokarolla Android trojan steals banking logins and spies on victims while blocking fraud alerts First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/rokarolla-android-banking-trojan/
-
Ghostwriter APT Uses Fake Gmail Login Panels to Steal Passwords and 2FA Codes
Ghostwriter (UNC1151) has escalated its long-standing phishing operations by deploying convincing fake Gmail login panels that harvest both passwords and two-factor authentication (2FA) codes, CERT Polska reports. The group historically focused on Polish email providers such as Onet, Wirtualna Polska and Interia shifted in March 2026 to high-volume Gmail-targeted campaigns. Attackers send professionally worded Polish-language…
-
Hackers Abuse Microsoft OAuth Device Code Flow to Take Over Microsoft 365 Accounts
An active campaign in which attackers are abusing Microsoft’s OAuth 2.0 Device Authorization Grant (device code) flow to take over Microsoft 365 accounts. Rather than capturing credentials with a fake login page, the threat actors persuade victims to complete a genuine Microsoft authentication process that, unbeknownst to them, authorizes an attacker-controlled “device.” The result: fully…
-
Zehn Jahre unentdeckt: Hacker manipulieren Linux-Login
Die Hackergruppe Velvet Ant hat über fast zehn Jahre hinweg Linux-Login-Systeme mit einer Hintertür versehen, um unbemerkt Netzwerke auszuspionieren. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/manipulierter-linux-login-zehn-jahre
-
Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails
A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a year, quietly stealing sensitive research and defense email.The way in was a backdoor on their REDCap research servers that stole login credentials. The exfiltration was the unusual part: the attackers rewired the victims’ own Google Workspace rules…
-
âš¡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More
Stuff broke again. Not in a movie way. An old tool was left exposed. An abandoned package was abused. A deprecated feature was still running in prod.This week is the same lesson in a new form: phishing kits are easier to rent, AI names are useful bait, old login paths still fail, and forgotten software…
-
China-nexus group hid in Linux login system for nearly a decade
First seen on scworld.com Jump to article: www.scworld.com/brief/china-nexus-group-hid-in-linux-login-system-for-nearly-a-decade
-
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login system itself.Sygnia, which tracks the group as Velvet Ant, says it backdoored the PAM and OpenSSH components that decide who is allowed to sign in, planting its access where ordinary…
-
Threat actors are recruiting the people who hold cloud logins
Companies keep most of their data and applications in cloud platforms that anyone can reach with the right login. That setup turns each employee holding those credentials into … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/11/report-cloud-insider-threats/
-
Gefälschte Cookies umgehen GlobalProtect PAN-OS-Bypass gewährt VPN-Zugang ohne Zugangsdaten
First seen on security-insider.de Jump to article: www.security-insider.de/cve-2026-0257-pan-os-globalprotect-bypass-vpn-zugangsdaten-a-df11d32998d82ce4f40c503d970b4c80/
-
New BitB Phishing Attack Targets Microsoft 365 Logins
A new Browser-in-the-Browser (BitB) phishing campaign is abusing fake OAuth login windows to steal Microsoft 365 credentials, and its design is polished enough to bypass casual visual checks. The attack uses a draggable popup that mimics a real browser dialog. However, it is embedded in the page itself and paired with a spoofed Microsoft OAuth…
-
AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload
Phishing has always been a numbers game. AI has turned it into a volume machine.Attackers can now create convincing emails, fake login pages, and tailored lures in minutes. Every polished message adds another case for Tier 1 to review, another link to inspect, and another alert that cannot be dismissed at a glance.As the queue…
-
Hacker stehlen verschlüsselte Passwortmanager-Tresore: Warum die Logins der User trotzdem sicher sind
First seen on t3n.de Jump to article: t3n.de/news/hacker-stehlen-verschluesselte-passwortmanager-tresore-1746161/
-
Suspicious Polyfill login prompts pop up on Toshiba, Muji websites
Tags: loginTech giant Toshiba and mega-retailer Muji warned visitors that suspicious sign-in screens popping up on their websites could collect credentials. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/suspicious-polyfill-login-prompts-pop-up-on-toshiba-muji-websites/
-
FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins
Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting World Cup 2026 fans, days before the June 11 kickoff.Recent reports describe thousands of lookalike FIFA domains, banking malware hidden inside pirate streaming apps, and at least one operation that copies FIFA’s login page well enough to take over…
-
Barracuda Finds Malicious Microsoft 365 Logins Are Blending In
Barracuda finds that trusted Microsoft 365 logins can hide attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/barracuda-finds-malicious-microsoft-365-logins-are-blending-in/
-
Phishing Attacks Pivot to Infostealer Malware Over Fake Login Pages
Cybercriminal tactics are evolving as phishing campaigns increasingly shift away from fake login pages toward infostealer malware designed to quietly harvest sensitive data from infected systems. While traditional credential-harvesting pages remain in use, threat actors are now prioritizing methods that reduce user interaction and increase data collection efficiency. Infostealers are purpose-built malware families that extract…
-
Fake Chrome Web Store Copyright Alerts Used to Steal Google Logins
Hackers are actively targeting Chrome extension developers with a sophisticated phishing campaign that impersonates official Chrome Web Store copyright enforcement notices, aiming to steal Google account credentials and potentially compromise widely used browser extensions. Victims are told they have 48 hours to respond or risk permanent removal. The message appears highly personalized and directs users…
-
Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag
A development flag left switched on in production builds of several Microsoft 365 Android apps disabled the check that limits account-token sharing to trusted Microsoft apps.Any other app on the same phone could ask for the signed-in user’s token and get it, then read email, open files, browse the calendar, and send messages as that…
-
Coding Gaffe Exposes Microsoft 365 Accounts to Widespread Takeover
A disabled security setting meant to protect authentication across Android versions of key apps like Word, PowerPoint, and Excel paved the way for attackers to steal logins and data. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/coding-gaffe-exposes-microsoft-365-accounts-takeover
-
Google Chrome’s New Feature Takes Aim at Cookie Theft, Account Hijacking
Chrome’s DBSC update binds login sessions to user devices, making stolen session cookies harder to reuse in account hijacking attacks. The post Google Chrome’s New Feature Takes Aim at Cookie Theft, Account Hijacking appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-chrome-dbsc-session-cookie-theft/
-
Dashlane password manager users locked out by brute force attacks
Multiple Dashlane users have been locked out of their accounts following brute-force attacks that attempted logins from distant locations and unknown devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dashlane-password-manager-users-locked-out-by-brute-force-attacks/
-
FBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts no password required
So, you’ve enabled multi-factor authentication. You’ve taught your staff never to type their passwords into dodgy-looking login pages. Surely your Microsoft 365 accounts are safe now? First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/fbi-kali365-phishing-kit-breaks-microsoft-365-accounts-no-password-required
-
FBI Warns Kali365 PhaaS Platform Targets Microsoft 365 Users to Steal Logins
The U.S. Federal Bureau of Investigation (FBI) has issued a Public Service Announcement (Alert I-052126-PSA) warning about a newly identified Phishing-as-a-Service (PhaaS) platform named Kali365, which is actively targeting Microsoft 365 users. First observed in April 2026, the platform enables attackers to bypass multi-factor authentication (MFA) by exploiting OAuth-based authentication flows. Kali365 PhaaS Platform Targets Microsoft…
-
ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories
This week starts small.A token leaks. A bad package slips in. A login trick works. An old tool shows up again. At first, it feels like the usual mess. Then you see the pattern: attackers are not always breaking in. They are using the parts we already trust.That is what makes it worrying. The danger…