Tag: login

Node.js LTX Stealer Emerges as New Threat to Login Credentials

Feb 9, 2026 3:14 PM

Tags: antivirus, cloud, credentials, cyber, framework, login, malware, service, software, threat, windows

A new, sophisticated malware campaign dubbed >>LTX Stealer.<< This malware represents a shift in attacker techniques, utilizing legitimate software frameworks and cloud services to hide its activities and steal sensitive user data. By mimicking standard Windows processes, LTX Stealer is designed to operate quietly, making it difficult for traditional antivirus systems to detect. The malware…
UAE Cyber Security Council Warns Stolen Logins Fuel Majority of Financial Cyberattacks

Feb 9, 2026 10:14 AM

Tags: access, attack, breach, credentials, cyber, cyberattack, cybercrime, finance, fraud, identity, login, password, theft, threat, unauthorized

The UAE Cyber Security Council has issued a renewed warning about the growing threat of financial cybercrime, cautioning that stolen login credentials remain the most common entry point for attacks targeting individuals, companies, and institutions. According to the council, around 60% of financial cyberattacks begin with the theft of usernames and passwords, making compromised credentials…
New Telegram Phishing Scam Hijacks Login Flow to Steal Fully Authorized User Sessions

Feb 9, 2026 7:13 AM

Tags: api, authentication, credentials, cyber, login, malware, password, phishing, scam

A new and sophisticated Telegram phishing operation is active in the wild, targeting users globally by hijacking the platform’s legitimate authentication features. Unlike traditional phishing, which often relies on malware or cloning login pages to steal passwords, this campaign integrates directly with Telegram’s official infrastructure. The attackers register their own Telegram API credentials (api_id and api_hash) and…
Software supply chain risks join the OWASP top 10 list, access control still on top

Feb 5, 2026 9:13 AM

Tags: access, ai, attack, authentication, backdoor, backup, breach, cloud, computer, control, credentials, cybersecurity, data, data-breach, defense, encryption, flaw, governance, identity, injection, LLM, login, malicious, mfa, open-source, password, risk, software, sql, supply-chain, threat, unauthorized, update, vulnerability

1 Broken access control When applications fail to properly enforce restrictions on what authenticated users are allowed to do, allowing attackers to access unauthorized functionality or data. For example, an attacker might manipulate an URL parameter to access another user’s account information or escalate their privileges from a regular user to an administrator. This item…
GreyNoise tracks massive Citrix Gateway recon using 63K+ residential proxies and AWS

Feb 4, 2026 5:13 PM

Tags: citrix, infrastructure, login

GreyNoise spotted a dual-mode Citrix Gateway recon campaign using 63K+ residential proxies and AWS to find login panels and enumerate versions. Between Jan 28 and Feb 2, 2026, GreyNoise tracked a coordinated reconnaissance campaign targeting Citrix ADC and NetScaler Gateways. Attackers used over 63,000 residential proxies to discover login panels, then switched to AWS infrastructure…
Threat Actors Conduct Widespread Scanning for Exposed Citrix NetScaler Login Pages

Feb 4, 2026 11:13 AM

Tags: citrix, cloud, cyber, data-breach, exploit, infrastructure, login, software, threat

A coordinated reconnaissance campaign targeting Citrix ADC (NetScaler) Gateway infrastructure worldwide. The operation used over 63,000 residential proxy IPs and AWS cloud infrastructure to map login panels and enumerate software versions, a clear indicator of pre-exploitation preparation. The scanning activity generated 111,834 sessions from more than 63,000 unique IP addresses, with 79% of traffic specifically…
ValleyRAT Masquerades as LINE Installer to Target Users and Harvest Login Credentials

Feb 4, 2026 10:13 AM

Tags: communications, credentials, cyber, cybercrime, login, malware, powershell, software, threat

A malware campaign where cybercriminals distribute a fake LINE messenger installer that secretly deploys the ValleyRAT malware to steal credentials and evade detection. Since early 2025, threat actors have increasingly used fraudulent software installers to deliver malware. This campaign shares techniques with previously discovered LetsVPN-themed attacks, including task-scheduler persistence, PowerShell-based evasion, and C2 communications via Hong Kong servers. Cybereason GSOC performed…
From Clawdbot to Moltbot to OpenClaw: Security Experts Detail Critical Vulnerabilities and 6 Immediate Hardening Steps for the Viral AI Agent

Feb 4, 2026 6:13 AM

Tags: access, ai, api, attack, authentication, computer, container, control, crypto, cve, data, data-breach, detection, docker, email, flaw, github, group, Hardware, injection, Internet, leak, login, malicious, malware, open-source, password, privacy, remote-code-execution, risk, scam, skills, software, threat, tool, unauthorized, vulnerability

Moltbot, the viral AI agent, offers immense power but is riddled with critical vulnerabilities, including remote code execution (RCE), exposed control interfaces, and malicious extensions. Read on to understand the vulnerabilities associated with Moltbot and the immediate security practices users must prioritize to mitigate this enormous agentic AI security risk. Key takeaways Moltbot takes an…
Fake Dropbox Phishing Campaign Targets Users, Steals Login Credentials

Feb 3, 2026 11:14 PM

Tags: attack, credentials, cyber, email, exploit, login, malicious, phishing

A sophisticated phishing campaign that uses a multi-stage approach to bypass email filtering and content-scanning systems. The attack exploits trusted platforms, benign file formats, and layered redirection techniques to harvest user credentials from unsuspecting victims successfully. The attack chain begins with a professionally crafted phishing email containing a PDF attachment. The malicious payload leverages legitimate…
Wave of Citrix NetScaler scans use thousands of residential proxies

Feb 3, 2026 10:14 PM

Tags: citrix, infrastructure, login

A coordinated reconnaissance campaign targeting Citrix NetScaler infrastructure over the past week used tens of thousands of residential proxies to discover login panels. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/wave-of-citrix-netscaler-scans-use-thousands-of-residential-proxies/
New phishing attack leverages PDFs and Dropbox

Feb 3, 2026 5:13 AM

Tags: access, attack, authentication, awareness, business, cloud, control, detection, email, hacker, infrastructure, login, mail, mfa, phishing, service, threat, tool, training, zero-trust

Masquerading as a safe document format: But after so many warnings about this over time, why are people still so trusting of PDFs and Dropbox?”Because, historically, they’ve actually been trained to be,” said Avakian. PDFs are routinely used in the business world and have been positioned as a safe, read-only document format for invoices, contracts,…
NSA Tells Feds: Zero Trust Must Go Beyond Login

Feb 3, 2026 1:13 AM

Tags: access, authentication, defense, login, zero-trust

New NSA Guidance Demands Continuous Access Checks, Implementation Overhaul. The National Security Agency’s new zero trust guidance instructs agencies to move beyond login-based security by continuously assessing user behavior and app-layer activity in real time, aiming to close gaps that allow post-authentication abuse and elevate federal defenses against modern threats. First seen on govinfosecurity.com Jump…
Attackers Harvest Dropbox Logins Via Fake PDF Lures

Feb 3, 2026 12:13 AM

Tags: corporate, credentials, login, malware, phishing

A malware-free phishing campaign targets corporate inboxes and asks employees to view request orders, ultimately leading to Dropbox credential theft. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/attackers-harvest-dropbox-logins-fake-pdf-lures
Phishing Scam Uses Clean Emails and PDFs to Steal Dropbox Logins

Feb 2, 2026 9:14 PM

Tags: business, cloud, email, exploit, login, phishing, scam

A multi-stage phishing campaign is targeting business users by exploiting Vercel cloud storage, PDF attachments, and Telegram bots to steal Dropbox credentials. First seen on hackread.com Jump to article: hackread.com/phishing-scam-emails-pdfs-steal-dropbox-logins/
Researchers Uncover Moltbook AI Flaw Exposing API Keys and Login Credentials

Feb 2, 2026 11:13 AM

Tags: ai, api, credentials, cyber, email, flaw, login, network, vulnerability

A critical vulnerability in Moltbook, the AI agent social network launched in late January 2026 by Octane AI’s Matt Schlicht, exposes email addresses, login tokens, and API keys for registered entities. The flaw impacts the platform’s claimed 1.5 million users, though security researchers revealed the inflated user count stems from unchecked bot registrations rather than…
AI Compliance Tools: What to Look For FireTail Blog

Jan 30, 2026 8:42 PM

Tags: ai, antivirus, api, attack, automation, backdoor, business, cloud, compliance, control, credit-card, data, defense, email, finance, framework, GDPR, governance, grc, guide, identity, injection, intelligence, jobs, LLM, login, malicious, mitre, network, nist, okta, remote-code-execution, risk, risk-management, siem, software, threat, tool, training, unauthorized, vulnerability

Jan 30, 2026 – Alan Fagan – Quick Facts: AI Compliance ToolsManual tracking often falls short: Spreadsheets cannot track the millions of API calls and prompts generated by modern AI systems.Real-time is required: The best AI compliance tools monitor live traffic, not just static policy documents.Framework mapping matters: Firetail automatically maps activity to the OWASP…
TAMECAT PowerShell Backdoor Targets Edge and Chrome: Login Credentials At Risk

Jan 30, 2026 4:22 PM

Tags: backdoor, browser, chrome, credentials, cyber, defense, espionage, government, hacking, iran, login, microsoft, powershell, risk

TAMECAT is a sophisticated PowerShell-based backdoor linked to APT42, an Iranian state-sponsored hacking group. It steals login credentials from Microsoft Edge and Chrome browsers while evading detection. Security researchers from Israel’s National Digital Agency detailed its modular design in recent SpearSpecter campaign analysis.”‹ APT42 deploys TAMECAT in long-term espionage operations against senior defense and government…
Why Passwordless Authentication Is Critical for Online Learning Student Services

Jan 30, 2026 12:21 PM

Tags: access, authentication, login, risk, service

Passwordless authentication reduces risk and friction in online learning. See how passwordless login protects accounts, boosts access, and supports student services. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/why-passwordless-authentication-is-critical-for-online-learning-student-services/
ShinyHunters ramp up new vishing campaign with 100s in crosshairs

Jan 30, 2026 5:21 AM

Tags: advisory, attack, authentication, breach, communications, control, credentials, cybercrime, cybersecurity, data, data-breach, finance, google, group, hacker, hacking, infrastructure, intelligence, login, mfa, microsoft, mobile, okta, phishing, phone, saas, security-incident, social-engineering, tactics, theft, tool, unauthorized

<img loading="lazy" decoding="async" src="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?w=1024" alt="ShinyHunters data dump" class="wp-image-4124689" srcset="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?quality=50&strip=all 2260w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=300%2C182&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=768%2C466&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1024%2C621&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1536%2C931&quality=50&strip=all 1536w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=2048%2C1241&quality=50&strip=all 2048w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1150%2C697&quality=50&strip=all 1150w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=277%2C168&quality=50&strip=all 277w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=139%2C84&quality=50&strip=all 139w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=792%2C480&quality=50&strip=all 792w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=594%2C360&quality=50&strip=all 594w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=412%2C250&quality=50&strip=all 412w” width=”1024″ height=”621″ sizes=”auto, (max-width: 1024px) 100vw, 1024px” /> CSOIn operation since 2020, ShinyHunters, also tracked as UNC6040, has stolen data from many well-known…
ShinyHunters ramp up new vishing campaign with 100s in crosshairs

Jan 30, 2026 5:21 AM

Tags: advisory, attack, authentication, breach, communications, control, credentials, cybercrime, cybersecurity, data, data-breach, finance, google, group, hacker, hacking, infrastructure, intelligence, login, mfa, microsoft, mobile, okta, phishing, phone, saas, security-incident, social-engineering, tactics, theft, tool, unauthorized

<img loading="lazy" decoding="async" src="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?w=1024" alt="ShinyHunters data dump" class="wp-image-4124689" srcset="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?quality=50&strip=all 2260w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=300%2C182&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=768%2C466&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1024%2C621&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1536%2C931&quality=50&strip=all 1536w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=2048%2C1241&quality=50&strip=all 2048w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1150%2C697&quality=50&strip=all 1150w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=277%2C168&quality=50&strip=all 277w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=139%2C84&quality=50&strip=all 139w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=792%2C480&quality=50&strip=all 792w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=594%2C360&quality=50&strip=all 594w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=412%2C250&quality=50&strip=all 412w” width=”1024″ height=”621″ sizes=”auto, (max-width: 1024px) 100vw, 1024px” /> CSOIn operation since 2020, ShinyHunters, also tracked as UNC6040, has stolen data from many well-known…
Fortinet Confirms New Zero-Day Behind Malicious SSO Logins

Jan 28, 2026 11:21 PM

Tags: attack, authentication, cybersecurity, fortinet, login, malicious, zero-day

To stop the ongoing attacks, the cybersecurity vendor took the drastic step of temporarily disabling FortiCloud single sign-on (SSO) authentication for all devices. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/fortinet-new-zero-day-malicious-sso-logins
SSO vs. Federated Identity Management: A Guide

Jan 28, 2026 9:24 PM

Tags: cloud, guide, identity, login, password, saas, vulnerability

5 min readManaging digital identities for both human and non-human users is a central challenge for modern organizations. As companies adopt more SaaS platforms, microservices, and multi-cloud environments, they face two major identity challenges: Each login represents a potential vulnerability and productivity loss. According to 1Password, one in three employees (34%) reuse passwords at work,…
Travel and Leisure Customer Service That Scales

Jan 28, 2026 5:21 PM

Tags: identity, login, service

Learn how travel and leisure customer service improves with unified identity, seamless login, personalization, and secure customer engagement. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/travel-and-leisure-customer-service-that-scales/
Massives Datenleck bedroht rund 150 Millionen Benutzer

Jan 28, 2026 4:23 PM

Tags: credentials, credit-card, crypto, cyberattack, data-breach, finance, fraud, login, mail, malware, password, phishing, risk

Die offengelegten Zugangsdaten stellen ein erhebliches Sicherheitsrisiko dar.Der Cybersicherheitsforscher Jeremiah Fowler deckte kürzlich ein Datenleck mit 149 Millionen Login-Daten auf. Zu den Opfern zählen vor allem Nutzer großer Tech-und Streaming-Anbieter. Aber auch Finanzdienstleistungskonten, Krypto-Wallets oder Handelskonten, Bank- und Kreditkarten-Logins tauchten in den offengelegten Datensätzen auf. Laut Forschungsbericht enthält die Datenbank jedoch nicht nur Benutzernamen und…
Critical FortiCloud SSO zero”‘day forces emergency service disablement at Fortinet

Jan 28, 2026 1:21 PM

Tags: advisory, attack, authentication, cisa, cloud, cve, cyber, exploit, fortinet, infrastructure, kev, login, malicious, risk, service, tool, update, vulnerability

Attack details and indicators: Fortinet’s investigation into the exploitation revealed attackers used two specific FortiCloud accounts: “cloud-noc@mail.io” and “cloud-init@mail.io,” though the company warned “these addresses may change in the future.”Fortinet identified multiple IP addresses associated with the attacks, including several Cloudflare-protected addresses that attackers used to obscure their activities.”Following authentication via SSO, it has been…
Beware! Fake ChatGPT browser extensions are stealing your login credentials

Jan 28, 2026 11:22 AM

Tags: chatgpt, credentials, login

If you’ve installed a browser extension to enhance your ChatGPT experience, you might want to think again. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/beware-fake-chatgpt-browser-extensions-are-stealing-your-login-credentials
Chinese Mustang Panda hackers deploy infostealers via CoolClient backdoor

Jan 28, 2026 12:21 AM

Tags: backdoor, china, data, espionage, group, hacker, login, threat

The Chinese espionage threat group Mustang Panda has updated its CoolClient backdoor to a new variant that can steal login data from browsers and monitor the clipboard. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-mustang-panda-hackers-deploy-infostealers-via-coolclient-backdoor/
ShinyHunters Target 100+ Firms Using Phone Calls to Bypass SSO Security

Jan 27, 2026 7:21 PM

Tags: attack, data, group, login, phone

ShinyHunters is driving attacks on 100+ organisations, using vishing and fake login pages with allied groups to bypass SSO and steal company data, reports Silent Push. First seen on hackread.com Jump to article: hackread.com/shinyhunters-target-firms-bypass-sso-security/
Okta Flags Customized, Reactive Vishing Attacks Which Bypass MFA

Jan 26, 2026 3:21 PM

Tags: attack, credentials, login, mfa, okta, phishing, threat

Threat actors posing as IT support teams use phishing kits to generate fake login sites in real-time to trick victims into handing over credentials First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/okta-flags-vishing-attacks-which/
Okta Flags Customised, Reactive Vishing Attacks Which Bypass MFA

Jan 26, 2026 2:21 PM

Tags: attack, credentials, login, mfa, okta, phishing, threat

Threat actors posing as IT support teams use phishing kits to generate fake login sites in real-time to trick victims into handing over credentials First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/okta-flags-vishing-attacks-which/