Tag: theft
-
Hardening browser security with zero-trust controls
Tags: access, api, authentication, automation, browser, chrome, cisa, cloud, compliance, container, control, corporate, credentials, crowdstrike, data, data-breach, detection, edr, email, encryption, endpoint, exploit, fido, finance, framework, google, governance, group, Hardware, identity, kubernetes, least-privilege, login, malicious, malware, mfa, microsoft, network, nist, okta, passkey, password, phishing, phone, risk, risk-assessment, sap, service, soar, theft, threat, tool, update, wifi, windows, zero-trust1. Identity-first access control Network proximity is now an inferior trust signal. Only federated, cryptographically verifiable identity tokens issued by centralized enterprise IdPs using OIDC or SAML are permitted as gates to corporate resources. This transition, well-documented by FIDO Alliance and Microsoft research, transfers the very concept of “inside” the organization from the network to…
-
PromptPwnd Vulnerability Exposes AI driven build systems to Data Theft
Aikido Security exposes a new AI prompt injection flaw in GitHub/GitLab pipelines, letting attackers steal secrets. Major companies affected. First seen on hackread.com Jump to article: hackread.com/promptpwnd-vulnerabilit-ai-systems-data-theft/
-
Evilginx Attack Campaigns: Session Cookie Theft and MFA Bypass Tactics
Security researchers are issuing urgent warnings about a rising wave of cyberattacks leveraging Evilginx, an attacker-in-the-middle phishing toolkit that intercepts login flows to steal session cookies and circumvent multi-factor authentication (MFA) protections. The threat is particularly acute within educational institutions, where attackers are demonstrating alarming success rates. Evilginx operates with surgical precision by positioning itself…
-
Qilin Ransomware Claims Data Theft from Church of Scientology
Qilin ransomware claims it stole internal data from the Church of Scientology, sharing 22 screenshots as proof. The breach remains unconfirmed by the organization. First seen on hackread.com Jump to article: hackread.com/qilin-ransomware-church-of-scientology-data-theft/
-
Cryptohack Roundup: Authorities Shutter Cryptomixer
Also: Anthropic Warns of Autonomous AI Exploits on Blockchain. This week, authorities shutter Cryptomixer, Anthropic warns about autonomous AI exploits, U.K. plans ban on crypto political donations, Do Kwon seeks leniency, Lazarus Group suspected in Upbit theft, Balancer’s post-exploit plans and Yearn recovers some hacked amount. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cryptohack-roundup-authorities-shutter-cryptomixer-a-30192
-
ThreatsDay Bulletin: Wi-Fi Hack, npm Worm, DeFi Theft, Phishing Blasts”, and 15 More Stories
Think your Wi-Fi is safe? Your coding tools? Or even your favorite financial apps? This week proves again how hackers, companies, and governments are all locked in a nonstop race to outsmart each other.Here’s a quick rundown of the latest cyber stories that show how fast the game keeps changing. DeFi exploit drains funds Critical…
-
Sryxen Malware Uses Headless Browser Trick to Bypass Chrome Protections
A new Windows-focused information stealer dubbed “Sryxen” is drawing attention in the security community for its blend of modern browser credential theft and unusually aggressive anti-analysis protections. Sold as malware-as-a-service (MaaS) and written in C++ for 64-bit Windows, Sryxen targets browser secrets, Discord tokens, VPNs, social accounts, and crypto wallets, then exfiltrates everything to its…
-
Sryxen Malware Uses Headless Browser Trick to Bypass Chrome Protections
A new Windows-focused information stealer dubbed “Sryxen” is drawing attention in the security community for its blend of modern browser credential theft and unusually aggressive anti-analysis protections. Sold as malware-as-a-service (MaaS) and written in C++ for 64-bit Windows, Sryxen targets browser secrets, Discord tokens, VPNs, social accounts, and crypto wallets, then exfiltrates everything to its…
-
Everest Ransomware Claims ASUS Breach and 1TB Data Theft
Everest ransomware group claims it breached ASUS, stealing over 1TB of data including camera source code. ASUS has been given 21 hours to respond via Qtox. First seen on hackread.com Jump to article: hackread.com/everest-ransomware-asus-breach-1tb-data/
-
Shai-hulud 2.0 Turns npm Installs Into a Full Cloud Compromise Path
A new Shai-hulud variant turns trusted npm installs into a stealthy path for cloud-credential theft and supply chain compromise. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/shai-hulud-2-0-turns-npm-installs-into-a-full-cloud-compromise-path/
-
Officials accuse North Korea’s Lazarus of $30 million theft from crypto exchange
Yonhap News Agency reported on Friday that South Korean government officials are involved in the investigation surrounding $30 million worth of cryptocurrency that was stolen from Upbit on Wednesday evening. First seen on therecord.media Jump to article: therecord.media/officials-accuse-north-korea-hackers-of-attack-on-crypto-exchange
-
Officials accuse North Korea’s Lazarus of $30 million theft from crypto exchange
Yonhap News Agency reported on Friday that South Korean government officials are involved in the investigation surrounding $30 million worth of cryptocurrency that was stolen from Upbit on Wednesday evening. First seen on therecord.media Jump to article: therecord.media/officials-accuse-north-korea-hackers-of-attack-on-crypto-exchange
-
Devolutions Server Hit by SQL Injection Flaw Allowing Data Theft
A critical security vulnerability has been discovered in Devolutions Server, a popular centralized password and privileged access management solution. The flaw, rated critical severity by experts, could allow attackers to steal sensitive data or modify internal records. Devolutions, the company behind the software, released a security advisory (DEVO-2025-0018) on November 27, 2025, detailing three separate…
-
Devolutions Server Hit by SQL Injection Flaw Allowing Data Theft
A critical security vulnerability has been discovered in Devolutions Server, a popular centralized password and privileged access management solution. The flaw, rated critical severity by experts, could allow attackers to steal sensitive data or modify internal records. Devolutions, the company behind the software, released a security advisory (DEVO-2025-0018) on November 27, 2025, detailing three separate…
-
Londoners told to be vigilant with messages after cyber-attack on council
Royal Borough of Kensington and Chelsea says it is checking whether data taken contained residents’s detailsA London council has urged thousands of residents to be “extra vigilant” when receiving calls, emails or text messages after confirming that data had been taken in a cyber-attack.The Royal Borough of Kensington and Chelsea (RBKC), which has 147,500 residents,…
-
ShinyHunters Develop Sophisticated New Ransomware-as-a-Service Tool
In a significant escalation of the global cyber threat landscape, the notorious threat group ShinyHunters appears to be transitioning from data theft to full-scale ransomware operations. Cybersecurity researchers have identified an early build of a new Ransomware-as-a-Service (RaaS) platform dubbed >>ShinySp1d3r,
-
Xillen Stealer Evolves With AI-Like Evasion and Broader Targeting
Xillen Stealer v5 uses AI-themed evasion and expanded targeting to advance credential-theft tactics. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/xillen-stealer-evolves-with-ai-like-evasion-and-broader-targeting/
-
ToddyCat APT evolves to target Outlook archives and Microsoft 365 tokens
Outlook in the Crosshairs: Another evolution involves accessing actual mail data. ToddyCat deployed a tool named TCSectorCopya C++ utility that opens the disk as a read-only device and copies Outlook’s offline storage files (OST) sector by sector, bypassing any file-lock mechanisms that Outlook may enforce.Once OST files are extracted, they are fed into XstReader, an…
-
ToddyCat APT evolves to target Outlook archives and Microsoft 365 tokens
Outlook in the Crosshairs: Another evolution involves accessing actual mail data. ToddyCat deployed a tool named TCSectorCopya C++ utility that opens the disk as a read-only device and copies Outlook’s offline storage files (OST) sector by sector, bypassing any file-lock mechanisms that Outlook may enforce.Once OST files are extracted, they are fed into XstReader, an…
-
Alliances between ransomware groups tied to recent surge in cybercrime
Tags: access, attack, awareness, backup, business, cloud, cybercrime, cybersecurity, data, encryption, exploit, extortion, group, healthcare, incident response, intelligence, law, leak, monitoring, ransom, ransomware, saas, service, software, tactics, theft, threat, vpn, vulnerability, zero-dayRansomware groups change tactics to evade law enforcement: The latest quarterly study from Rapid7 also found that newly forged alliances are leading to a spike in ransomware activity while adding that tactical innovations, from refined extortion to double extortion and use of zero day, are also playing a part in increased malfeasance.The quarter also saw…
-
Everest ransomware claims breach at Spain’s national airline Iberia with 596 GB data theft
Everest claims large breaches at Iberia and Air Miles España with major data taken from both travel platforms placing millions of users at risk. First seen on hackread.com Jump to article: hackread.com/everest-ransomware-spai-airline-iberia-breach/
-
Everest ransomware claims breach at Spain’s national airline Iberia with 596 GB data theft
Everest claims large breaches at Iberia and Air Miles España with major data taken from both travel platforms placing millions of users at risk. First seen on hackread.com Jump to article: hackread.com/everest-ransomware-spai-airline-iberia-breach/
-
ShadowRay 2.0 Turns AI Clusters into Crypto Botnets
A threat actor is leveraging a flaw in the Ray framework to hijack AI infrastructure worldwide and distribute a self-propagating cryptomining and data theft botnet. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/shadowray-20-ai-clusters-crypto-botnets
-
Salesforce Details Supply Chain Attack Targeting Gainsight
Cybercrime Group ShinyHunters Claims to Steal Data From 300 Organizations. The attack that targeted customer data management tool Gainsight resulted in the theft of information from approximately 300 Salesforce-using firms, the Scattered Lapsus$ Hunters subgroup ShinyHunters has claimed. Salesforce and Gainsight have shared more details as their investigation continues. First seen on govinfosecurity.com Jump to…
-
US banks scramble to assess data theft after hackers breach financial tech firm
U.S. banking giants including JPMorgan Chase, Citi, and Morgan Stanley are working to identify what data was stolen in a recent cyberattack on a New York financial firm. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/24/us-banks-scramble-to-assess-data-theft-after-hackers-breach-financial-tech-firm/