Tag: theft
-
Hackers Exploit Microsoft Employee Accounts in Salary Theft Scheme
Tags: attack, authentication, credentials, cyber, exploit, finance, hacker, intelligence, microsoft, phishing, theft, threat
Microsoft Threat Intelligence is sounding the alarm on a surge of sophisticated “payroll pirate” attacks, in which financially motivated adversaries hijack employee accounts to reroute salary payments to attacker-controlled bank accounts. In the first half of 2025, Storm-2657 launched a widespread phishing campaign against university staff, harvesting credentials and multifactor authentication (MFA) codes. Attackers deployed…
-
Google Issues Alert on CL0P Ransomware Actively Exploiting Oracle E-Business Suite Zero-Day
Organizations using Oracle E-Business Suite must apply the October 4 emergency patches immediately to mitigate active, in-the-wild exploitation by CL0P extortion actors and hunt for malicious templates in their databases. Beginning September 29, 2025, Google Threat Intelligence Group (GTIG) and Mandiant identified a massive email campaign targeting executives at dozens of organizations, alleging theft of…
-
Australia Levies First-Ever Privacy Act Fine in Lab Breach
Australian Clinical Labs Ordered to Pay $5.8M in Data Theft at Medlab Pathology Unit. An Australian court has fined a medical lab $5.8 million for cybersecurity failures leading up to – and following – a 2022 cyberattack that affected 223,000 patients. The penalty marked the first time Australia has levied a civil monetary fine for…
-
Dozens of Oracle customers impacted by Clop data theft for extortion campaign
Researchers said malicious activity dates back to early July and active exploitation was observed two months ago. First seen on cyberscoop.com Jump to article: cyberscoop.com/oracle-customers-attacks-clop-google-mandiant/
-
Two Teenagers Arrested Following Major Cyberattack on Kido Nurseries
Two 17-year-old boys have been arrested in connection with a cyberattack on Kido, a London-based nursery chain. The incident involved the theft and online exposure of sensitive data from approximately 8,000 children, prompting widespread concern and a swift response from the Metropolitan Police. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cyberattack-on-kido-nursery/
-
SaaS Breaches Start with Tokens – What Security Teams Must Watch
Token theft is a leading cause of SaaS breaches. Discover why OAuth and API tokens are often overlooked and how security teams can strengthen token hygiene to prevent attacks. Most companies in 2025 rely on a whole range of software-as-a-service (SaaS) applications to run their operations. However, the security of these applications depends on small pieces…
-
The Evolution of Chaos: Ransomware’s New Era of Speed and Intelligence
In 2025, the notorious Chaos ransomware has undergone a dramatic transformation, emerging with a sophisticated C++ variant that represents the most dangerous iteration to date. This marks the first time Chaos has departed from its traditional .NET foundation, introducing destructive extortion tactics and cryptocurrency theft capabilities that significantly amplify both operational impact and financial risk…
-
Critical Redis Flaw Could Compromise Most Cloud Environments
A Redis flaw, CVE-2025-49844, exposes 75% of cloud systems to remote code execution, data theft, and full system compromise. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/redis-vulnerability-cloud-compromise/
-
Crimson Collective hackers target AWS cloud instances for data theft
The ‘Crimson Collective’ threat group has been targeting AWS (Amazon Web Services) cloud environments for the past weeks, to steal data and extort companies. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/crimson-collective-hackers-target-aws-cloud-instances-for-data-theft/
-
Shuyal Stealer Malware Exploits 19 Browsers to Steal Logins
Shuyal Stealer is a recently uncovered infostealer that pushes the boundaries of traditional browser-targeted malware. Unlike most variants that zero in on popular platforms like Chrome and Edge, Shuyal dramatically widens its scope by targeting 19 different browsers, making it far more versatile and dangerous in its data-harvesting capabilities. Beyond the usual theft of browser-stored…
-
Bybit Theft Drives Record-Breaking $2bn Haul for North Korea
North Korean hackers have stolen over $2bn in cryptocurrency already this year, says Elliptic. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/bybit-recordbreaking-2bn-north/
-
Salesforce refuses to pay ransom over widespread data theft attacks
Salesforce has confirmed that it will not negotiate with or pay a ransom to the threat actors behind a massive wave of data theft attacks that impacted the company’s customers this year. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/salesforce-refuses-to-pay-ransom-over-widespread-data-theft-attacks/
-
Clop exploited Oracle zero-day for data theft since early August
The Clop ransomware gang has been exploiting a critical Oracle E-Business Suite (EBS) zero-day bug in data theft attacks since at least early August, according to cybersecurity company CrowdStrike. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oracle-zero-day-exploited-in-clop-data-theft-attacks-since-early-august/
-
XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities
Cybersecurity researchers have charted the evolution of XWorm malware, turning it into a versatile tool for supporting a wide range of malicious actions on compromised hosts. “XWorm’s modular design is built around a core client and an array of specialized components known as plugins,” Trellix researchers Niranjan Hegde and Sijo Jacob said in an analysis published…
-
Oracle zero-day defect amplifies panic over Clop’s data theft attack spree
The notorious ransomware group exploited multiple vulnerabilities, including a zero-day, for at least eight weeks before alleged victims received extortion demands. First seen on cyberscoop.com Jump to article: cyberscoop.com/oracle-zero-day-clop/
-
Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers
Tags: attack, china, credentials, cybercrime, cybersecurity, fraud, group, india, infection, Internet, microsoft, service, theft
Cybersecurity researchers have shed light on a Chinese-speaking cybercrime group codenamed UAT-8099 that has been attributed to search engine optimization (SEO) fraud and theft of high-value credentials, configuration files, and certificate data. The attacks are designed to target Microsoft Internet Information Services (IIS) servers, with most of the infections reported in India, Thailand First seen…
-
Cl0p exploits Oracle E-Business Suite zero-day in data theft, extortion campaign (CVE-2025-61882)
The Cl0p extortion gang exploited multiple Oracle E-Business Suite (EBS) vulnerabilities, including one zero-day flaw (CVE-2025-61882), to steal large amounts of data … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/06/cl0p-oracle-data-theft-extortion-cve-2025-61882/
-
Clop crew hits Oracle E-Business Suite users with fresh zero-day
Big Red rushes out patch for 9.8-rated flaw after crooks exploit it for data theft and extortion. First seen on theregister.com Jump to article: www.theregister.com/2025/10/06/clop_oracle_ebs_zeroday/
-
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks
Oracle has released an emergency update to address a critical security flaw in its E-Business Suite that it said has been exploited in the recent wave of Cl0p data theft attacks. The vulnerability, tracked as CVE-2025-61882 (CVSS score: 9.8), concerns an unspecified bug that could allow an unauthenticated attacker with network access via HTTP to compromise…

