Tag: mfa

Shadow Machines: The Non-Human Identities Exposing Your Cloud AI Stack

Feb 19, 2026 10:01 AM

Tags: access, ai, api, authentication, automation, business, cloud, compliance, container, control, credentials, data, encryption, framework, governance, iam, identity, infrastructure, iot, jobs, login, mfa, password, risk, risk-management, saas, service, software, strategy, supply-chain, tool

Shadow Machines: The Non-Human Identities Exposing Your Cloud & AI Stack madhav Thu, 02/19/2026 – 06:30 The machines we don’t see are the ones running our businesses. Unfortunately, most IAM systems do not track them. In an ironic twist, the ghost in the machine has become the machine itself: invisible, autonomous, and increasingly beyond human…
MetaMask Users Targeted by Phishing Emails with Fake Security Report to Bypass Detection

Feb 18, 2026 9:58 AM

Tags: attack, authentication, cyber, detection, email, login, mfa, phishing, social-engineering

A new phishing campaign is targeting MetaMask users with cleverly crafted emails designed to trick recipients into enabling a fake Two-Factor Authentication (2FA) setup. The lure includes a forged “security report” PDF meant to mimic a legitimate notification about unusual login activity, adding credibility and emotional urgency to the scam. The attack blends social engineering…
13 Fragen gegen Drittanbieterrisiken

Feb 18, 2026 5:58 AM

Tags: access, api, ceo, ciso, cloud, cyberattack, cyersecurity, detection, firewall, identity, incident response, infrastructure, ISO-27001, mfa, monitoring, password, PCI, risk, saas, sans, service, social-engineering, software, threat, update, vulnerability

Drum prüfe”¦Die zunehmende Abhängigkeit von IT-Dienstleistern und Software von Drittanbietern vergrößert die Angriffsfläche von Unternehmen erheblich. Das wird auch durch zahlreiche Cyberattacken immer wieder unterstrichen. Zwar lassen sich die Risiken in Zusammenhang mit Third-Party-Anbietern nicht gänzlich beseitigen, aber durchaus reduzieren. Dabei sollten Sicherheitsentscheider eine zentrale Rolle spielen, wie Randy Gross, CISO bei CompTIA, erklärt: “CISOs…
Malicious Chrome Extension Exposes Facebook Business Manager Accounts to 2FA and Analytics Theft

Feb 17, 2026 8:58 AM

Tags: 2fa, authentication, browser, business, chrome, cyber, google, malicious, mfa, theft, tool

A malicious Google Chrome extension, CL Suite by @CLMasters, which masquerades as a productivity tool for Meta Business Suite while silently stealing sensitive authentication data. Although the extension markets itself as a solution to >>remove verification popups<>generate 2FA codes,<< its actual function is to exfiltrate Two-Factor Authentication (2FA) seeds, one-time codes, and detailed business […] The…
Was CISOs über OpenClaw wissen sollten

Feb 16, 2026 9:58 PM

Tags: ai, api, authentication, browser, bug, chrome, ciso, cloud, crypto, cyberattack, ddos, DSGVO, firewall, gartner, github, intelligence, Internet, jobs, linkedin, LLM, malware, marketplace, mfa, open-source, risk, security-incident, skills, software, threat, tool, update, vulnerability

Lesen Sie, welches Sicherheitsrisiko die Verwendung von OpenClaw in Unternehmen mit sich bringt.Das neue Tool zur Orchestrierung persönlicher KI-Agenten namens OpenClaw früher Clawdbot, dann Moltbot genannt erfreut sich aktuell großer Beliebtheit. Die Open-Source-Software kann eigenständig und geräteübergreifend arbeiten, mit Online-Diensten interagieren und Workflows auslösen kein Wunder, dass das Github-Repo in den vergangenen Wochen Millionen von…
Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History

Feb 13, 2026 1:58 PM

Tags: authentication, browser, business, chrome, cybersecurity, data, email, google, malicious, mfa

Cybersecurity researchers have discovered a malicious Google Chrome extension that’s designed to steal data associated with Meta Business Suite and Facebook Business Manager.The extension, named CL Suite by @CLMasters (ID: jkphinfhmfkckkcnifhjiplhfoiefffl), is marketed as a way to scrape Meta Business Suite data, remove verification pop-ups, and generate two-factor authentication (2FA) codes. First seen on thehackernews.com…
Hackers turn bossware against the bosses

Feb 13, 2026 5:58 AM

Tags: access, advisory, attack, awareness, computer, control, corporate, cybersecurity, data, email, endpoint, hacker, identity, infosec, infrastructure, malicious, mfa, monitoring, network, phishing, ransomware, risk, sans, software, tool, training, unauthorized, vulnerability

Ensure these risks are catalogued: Johannes Ullrich, dean of research at the SANS Institute, said this report is an example of how corporate IT teams build infrastructure that attackers then abuse. It’s known that employee monitoring software and security software have been misused like this in the past, he said. He pointed out that software…
Dutch police arrest 21-year-old for alleged involvement in JokerOTP password stealer

Feb 12, 2026 3:58 PM

Tags: authentication, cybercrime, mfa, password

The Dordrecht native was detained on Tuesday by police in East Brabant on accusations he distributed a bot called JokerOTP, which is used widely by cybercriminals to intercept the codes delivered by many platforms as part of multi-factor authentication sign-ins. First seen on therecord.media Jump to article: therecord.media/dutch-police-arrest-man-over-jokerotp-password-stealer
What CISOs need to know about the OpenClaw security nightmare

Feb 12, 2026 8:58 AM

Tags: access, ai, api, attack, authentication, china, ciso, computer, control, corporate, credentials, email, endpoint, exploit, firewall, gartner, google, injection, mfa, microsoft, monitoring, network, open-source, openai, radius, risk, skills, startup, supply-chain, tool, vulnerability

OpenClaw exposes enterprise security gaps: The first big lesson of this whole OpenClaw situation is that enterprises need to do more to get their security fundamentals in place. Because if there are any gaps, anywhere at all, they will now be found and exploited at an unprecedented pace. In the case of OpenClaw, that means…
How to Prevent Vishing Attacks Targeting Okta and other IDPs

Feb 11, 2026 10:58 PM

Tags: access, attack, authentication, email, identity, mfa, okta, phishing

<div cla Vishing as the Front Door to MFA Bypass Threat reporting tied to ShinyHunters and Scattered Spider-linked activity shows voice phishing (vishing) being operationalized as a coordinated access vector against enterprise identity systems. Rather than relying solely on email-based phishing, attackers now call employees directly, impersonating IT support, security teams, or identity administrators. These…
How to Prevent Vishing Attacks Targeting Okta and other IDPs

Feb 11, 2026 10:58 PM

Tags: access, attack, authentication, email, identity, mfa, okta, phishing

<div cla Vishing as the Front Door to MFA Bypass Threat reporting tied to ShinyHunters and Scattered Spider-linked activity shows voice phishing (vishing) being operationalized as a coordinated access vector against enterprise identity systems. Rather than relying solely on email-based phishing, attackers now call employees directly, impersonating IT support, security teams, or identity administrators. These…
Police arrest seller of JokerOTP MFA passcode capturing tool

Feb 11, 2026 8:58 PM

Tags: access, automation, mfa, password, tool

The Netherlands Police have arrested a a 21-year-old man from Dordrecht, suspected of selling access to the JokerOTP phishing automation tool that can intercept one-time passwords (OTP) for hijacking accounts. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-arrest-seller-of-jokerotp-mfa-passcode-capturing-tool/
Police arrest seller of JokerOTP MFA passcode capturing tool

Feb 11, 2026 8:58 PM

Tags: access, automation, mfa, password, tool

The Netherlands Police have arrested a a 21-year-old man from Dordrecht, suspected of selling access to the JokerOTP phishing automation tool that can intercept one-time passwords (OTP) for hijacking accounts. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-arrest-seller-of-jokerotp-mfa-passcode-capturing-tool/
In Bypassing MFA, ZeroDayRAT Is ‘Textbook Stalkerware’

Feb 10, 2026 11:13 PM

Tags: access, data, mfa

With access to SIM, location data, and a preview of recent SMSes, attackers have everything they need for account takeover or targeted social engineering. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/zerodayrat-brings-commercial-spyware-to-mass-market
Attackers exploit decade”‘old Windows driver flaw to shut down modern EDR defenses

Feb 5, 2026 2:14 PM

Tags: access, attack, control, defense, edr, exploit, flaw, mfa, microsoft, monitoring, service, tool, vpn, vulnerability, windows

The kill list excluded Huntress: The EDR killer binary used in the Huntress-observed attack packed a 64-bit Windows executable and a custom encoded kernel driver payload, which it decoded into OemHwUpd.sys and installed as a kernel-mode service. Because Windows still honors its cryptographic signature, the attackers were able to load the driver.Once the vulnerable driver…
Software supply chain risks join the OWASP top 10 list, access control still on top

Feb 5, 2026 9:13 AM

Tags: access, ai, attack, authentication, backdoor, backup, breach, cloud, computer, control, credentials, cybersecurity, data, data-breach, defense, encryption, flaw, governance, identity, injection, LLM, login, malicious, mfa, open-source, password, risk, software, sql, supply-chain, threat, unauthorized, update, vulnerability

1 Broken access control When applications fail to properly enforce restrictions on what authenticated users are allowed to do, allowing attackers to access unauthorized functionality or data. For example, an attacker might manipulate an URL parameter to access another user’s account information or escalate their privileges from a regular user to an administrator. This item…
Product showcase: 2FAS Auth Free, open-source 2FA for iOS

Feb 3, 2026 7:13 AM

Tags: 2fa, authentication, mfa, open-source, password

Online accounts usually rely on a password, but passwords alone can be weak if they’re reused, easily guessed, or stolen. Two-factor authentication (2FA) adds a second layer … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/03/product-showcase-2fas-auth-free-open-source-2fa-ios/
New phishing attack leverages PDFs and Dropbox

Feb 3, 2026 5:13 AM

Tags: access, attack, authentication, awareness, business, cloud, control, detection, email, hacker, infrastructure, login, mail, mfa, phishing, service, threat, tool, training, zero-trust

Masquerading as a safe document format: But after so many warnings about this over time, why are people still so trusting of PDFs and Dropbox?”Because, historically, they’ve actually been trained to be,” said Avakian. PDFs are routinely used in the business world and have been positioned as a safe, read-only document format for invoices, contracts,…
ShinyHunters Leads Surge in Vishing Attacks to Steal SaaS Data

Feb 2, 2026 6:13 PM

Tags: access, attack, cloud, credentials, data, extortion, group, mandiant, mfa, saas, tactics, threat

Several threat clusters are using vishing in extortion campaigns that include tactics that are consistent with those used by high-profile threat group ShinyHunters. They are stealing SSO and MFA credentials to access companies’ environments and steal data from cloud applications, according to Mandiant researchers. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/shinyhunters-leads-surge-in-vishing-attacks-to-steal-saas-data/
ShinyHunters flip the script on MFA in new data theft attacks

Feb 2, 2026 6:13 PM

Tags: attack, authentication, data, mfa, phishing, theft, threat

Multi-factor authentication (MFA) is supposed to defend against phishing attacks, but threat actors operating under the ShinyHunters banner are using it as a pretext in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/02/shinyhunters-mfa-social-engineering/
Google Uncovers Major Expansion in ShinyHunters Threat Activity Using New Tactics

Feb 2, 2026 11:13 AM

Tags: authentication, corporate, credentials, cyber, cybercrime, extortion, google, identity, mfa, phishing, service, software, tactics, threat

A substantial expansion in cybercrime operations using tactics consistent with ShinyHunters-branded extortion campaigns. These sophisticated operations employ advanced voice phishing (vishing) and victim-branded credential harvesting websites to compromise corporate environments by stealing single sign-on (SSO) credentials and multi-factor authentication (MFA) codes. While the methodology of targeting identity providers and Software-as-a-Service (SaaS) platforms remains consistent with…
ISMG Editors: Real-Time Vishing Is Breaking MFA

Jan 31, 2026 9:15 PM

Tags: ai, attack, governance, mfa

Also: Why AI Agents Are Colliding, What Good Governance Ought to Look Like. In this week’s panel, four ISMG editors discussed real-time vishing attacks that are defeating MFA, the growing problem of AI agents making conflicting decisions inside of enterprises and why the next phase of AI adoption depends on governance, accountability and control. First…
Mandiant details how ShinyHunters abuse SSO to steal cloud data

Jan 31, 2026 9:15 PM

Tags: attack, authentication, cloud, credentials, data, mandiant, mfa, phishing, saas, theft

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) credentials and multi-factor authentication (MFA) codes. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/mandiant-details-how-shinyhunters-abuse-sso-to-steal-cloud-data/
Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

Jan 31, 2026 9:15 PM

Tags: access, attack, breach, credentials, extortion, google, group, hacking, mandiant, mfa, phishing, saas, threat, unauthorized

Google-owned Mandiant on Friday said it identified an “expansion in threat activity” that uses tradecraft consistent with extortion-themed attacks orchestrated by a financially motivated hacking group known as ShinyHunters.The attacks leverage advanced voice phishing (aka vishing) and bogus credential harvesting sites mimicking targeted companies to gain unauthorized access to victim First seen on thehackernews.com Jump…
Mithilfe von Infostealern Fail ermöglicht riesigen Datendiebstahl bei 50 Unternehmen

Jan 30, 2026 5:22 PM

Tags: mfa

First seen on security-insider.de Jump to article: www.security-insider.de/weltweiter-cyberangriff-zestix-datenklau-a-206b457039babeea7e2d6bea8b1cf21d/
ShinyHunters ramp up new vishing campaign with 100s in crosshairs

Jan 30, 2026 5:21 AM

Tags: advisory, attack, authentication, breach, communications, control, credentials, cybercrime, cybersecurity, data, data-breach, finance, google, group, hacker, hacking, infrastructure, intelligence, login, mfa, microsoft, mobile, okta, phishing, phone, saas, security-incident, social-engineering, tactics, theft, tool, unauthorized

<img loading="lazy" decoding="async" src="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?w=1024" alt="ShinyHunters data dump" class="wp-image-4124689" srcset="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?quality=50&strip=all 2260w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=300%2C182&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=768%2C466&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1024%2C621&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1536%2C931&quality=50&strip=all 1536w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=2048%2C1241&quality=50&strip=all 2048w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1150%2C697&quality=50&strip=all 1150w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=277%2C168&quality=50&strip=all 277w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=139%2C84&quality=50&strip=all 139w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=792%2C480&quality=50&strip=all 792w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=594%2C360&quality=50&strip=all 594w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=412%2C250&quality=50&strip=all 412w” width=”1024″ height=”621″ sizes=”auto, (max-width: 1024px) 100vw, 1024px” /> CSOIn operation since 2020, ShinyHunters, also tracked as UNC6040, has stolen data from many well-known…
ShinyHunters ramp up new vishing campaign with 100s in crosshairs

Jan 30, 2026 5:21 AM

Tags: advisory, attack, authentication, breach, communications, control, credentials, cybercrime, cybersecurity, data, data-breach, finance, google, group, hacker, hacking, infrastructure, intelligence, login, mfa, microsoft, mobile, okta, phishing, phone, saas, security-incident, social-engineering, tactics, theft, tool, unauthorized

<img loading="lazy" decoding="async" src="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?w=1024" alt="ShinyHunters data dump" class="wp-image-4124689" srcset="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?quality=50&strip=all 2260w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=300%2C182&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=768%2C466&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1024%2C621&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1536%2C931&quality=50&strip=all 1536w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=2048%2C1241&quality=50&strip=all 2048w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1150%2C697&quality=50&strip=all 1150w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=277%2C168&quality=50&strip=all 277w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=139%2C84&quality=50&strip=all 139w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=792%2C480&quality=50&strip=all 792w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=594%2C360&quality=50&strip=all 594w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=412%2C250&quality=50&strip=all 412w” width=”1024″ height=”621″ sizes=”auto, (max-width: 1024px) 100vw, 1024px” /> CSOIn operation since 2020, ShinyHunters, also tracked as UNC6040, has stolen data from many well-known…
How Can CISOs Respond to Ransomware Getting More Violent?

Jan 29, 2026 3:24 PM

Tags: business, ciso, defense, mfa, ransomware, update

Ransomware defense requires focusing on business resilience. This means patching issues promptly, improving user education, and deploying multi-factor authentication. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/how-cisos-respond-ransomware-getting-more-violent
IR Trends Q4 2025: Exploitation remains dominant, phishing campaign targets Native American tribal organizations

Jan 29, 2026 12:21 PM

Tags: credentials, exploit, mfa, phishing, ransomware, update

A drop in exploitation and ransomware, but a spike in phishing and credential abuse, show why timely patching and robust MFA matter more than ever. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/ir-trends-q4-2025/
75% of Organisations Have Gaps in Core Security Controls, Research Finds

Jan 29, 2026 11:24 AM

Tags: authentication, control, mfa, network

New research by Nagomi Security has revealed an alarming disconnect between how secure organisations think they are, compared to where real exposure exists. This overconfidence, as explored in Nagomi’s The Illusion of Maturity: 2026 Enterprise Exposure Snapshot, means that organisations are facing overlapping exposure within their networks, potentially putting them at significant risk. Notably, incomplete multi-factor authentication…