Tag: theft
-
Stock Exchange Executive’s Outlook Targeted in Credential Theft Attack
A prolonged and highly targeted espionage campaign has been uncovered involving the compromise of a senior executive’s Microsoft Outlook account at a major global stock exchange, highlighting the strategic value of executive-level email access in modern cyber operations. The activity, which persisted for approximately five months between October 2025 and March 2026, demonstrates a disciplined…
-
Kali365 PhaaS Expands to Okta, MAX Messenger Attacks
Tags: attack, cyber, infrastructure, intelligence, microsoft, monitoring, okta, phishing, russia, service, theft, threat
The Kali365 phishing-as-a-service (PhaaS) platform has significantly expanded its operational scope, moving beyond Microsoft 365 token theft to target Okta single sign-on (SSO) environments and Russia’s rapidly growing MAX Messenger platform. New threat intelligence reveals a more mature, multi-brand phishing ecosystem with centralized infrastructure, real-time token monitoring, and geographically targeted campaigns. Previously documented for abusing…
-
Can’t make sense of Dashlane’s vault theft notification? You’re not alone.
Security advisory leaves out key details. Dashlane maintains complete silence. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/06/dashlane-issues-opaque-advisory-warning-20-encrypted-vaults-were-stolen/
-
Alcasec, “Robin Hood of Spanish Hackers,” Jailed for 31 Months Over Data Theft
Alcasec, the “Robin Hood of Spanish Hackers,” is jailed for 31 months after admitting to stealing and selling Spanish citizens’ banking data. First seen on hackread.com Jump to article: hackread.com/alcasec-robin-hood-of-spanish-hackers-jail-data-theft/
-
1-Click GitHub Vulnerability Enables OAuth Token Theft
A newly disclosed vulnerability in GitHub’s browser-based editor, GitHub.dev, allows attackers to steal powerful OAuth tokens with just a single click, giving them read and write access to private repositories. The flaw exploits how Visual Studio Code (VSCode) webviews handle keyboard events and message passing, enabling a malicious repository to execute attacker-controlled actions inside the…
-
Russian hackers exploit WinRAR vulnerability for data theft
First seen on scworld.com Jump to article: www.scworld.com/brief/russian-hackers-exploit-winrar-vulnerability-for-data-theft
-
Grand Theft Auto V cheat service Atlas Menu hacked, user data exposed
First seen on scworld.com Jump to article: www.scworld.com/brief/grand-theft-auto-v-cheat-service-atlas-menu-hacked-user-data-exposed
-
Claude Code GitHub Actions Flaw Created Supply Chain Attack Risk
Claude Code GitHub Actions flaws could enable repository compromise, credential theft, and supply chain attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/claude-code-github-actions-flaw-created-supply-chain-attack-risk/
-
Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine
The Russian hacking group known as Gamaredon has been attributed to the continued exploitation of a WinRAR vulnerability to deliver multiple malware families aimed at data theft and propagation. Per Sekoia, the activity involves the weaponization of CVE-2025-8088, a path traversal flaw in WinRAR, to launch an HTML Application payload dubbed GammaPhish, which is then used…
-
64,000 accounts exposed in breach of GTA V cheat service Atlas Menu
Atlas Menu, a cheat service for Grand Theft Auto V and Counter-Strike 2, has been added to the Have I Been Pwned database following a data breach that exposed tens of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/02/atlas-menu-cheat-service-data-breach/
-
Stolen Gemini API Keys Fuel Automated Telegram Influence Campaign
A long-running Telegram influence and fraud campaign saw a solo threat actor leverage stolen Google Gemini API keys and jailbroken AI to automate content generation, credential theft, and infrastructure operations at scale. Tracked as “bandcampro,” the Russian-speaking operator maintained a MAGA-themed Telegram channel, @americanpatriotus, for nearly five years, amassing around 17,000 subscribers. The actor…
-
SolyxImmortal Malware Steals Passwords, Cookies, Files, and Keystrokes
A newly analyzed Python-based information stealer named SolyxImmortal is actively targeting sensitive user data, including browser credentials, cookies, documents, screenshots, and keystrokes. The malware uses common Python libraries and multi-threading techniques to run multiple surveillance and data theft operations simultaneously, making it efficient and difficult to detect during execution. Security researchers, including Cyfirma, report that…
-
Red Hat Cloud Services npm Packages Hijacked in Credential-Theft Malware Campaign
A large-scale software supply chain attack has compromised multiple official npm packages under the @redhat-cloud-services scope, exposing thousands of developers and CI/CD environments to credential theft. Security researchers at Aikido confirmed that 96 malicious versions across 32 packages were published on June 1, 2026, with combined weekly downloads exceeding 116,000. Red Hat Cloud Services npm…
-
Google Chrome’s New Feature Takes Aim at Cookie Theft, Account Hijacking
Chrome’s DBSC update binds login sessions to user devices, making stolen session cookies harder to reuse in account hijacking attacks. The post Google Chrome’s New Feature Takes Aim at Cookie Theft, Account Hijacking appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-chrome-dbsc-session-cookie-theft/
-
Grand Theft Auto V cheat service gets hacked, exposing thousands of gamers
Hackers stole usernames, hashed passwords, and other data from a service that allowed players to cheat in Grand Theft Auto V. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/01/grand-theft-auto-v-cheat-service-gets-hacked-exposing-thousands-of-gamers/
-
Phishing Campaigns Exploit RCS and iMessage to Evade SMS Security Filters
Phishing campaigns are entering a new phase as attackers abandon traditional SMS delivery and static credential theft in favor of encrypted messaging channels and real-time account takeover techniques. Unlike conventional SMS phishing, RCS and iMessage operate over data networks with end-to-end encryption, limiting carriers’ ability to inspect or block malicious content. Threat actors are exploiting…
-
Jailbroken Gemini AI Abused in Credential Theft and Crypto Wallet Heist
Jailbroken Gemini AI has been weaponised in a long-running campaign that combined political influence, credential theft, and a cryptocurrency wallet heist, all operated by a single threat actor using a fake “patriot” persona. Trend Micro researchers recently documented how a solo Russian-speaking criminal, tracked as “bandcampro,” abused a compromised Gemini setup to automate content, hacking…
-
First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups
Authorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service used by criminal actors to obscure the origins of ransomware attacks, data theft, scanning, and denial-of-service attacks. The disruption of First VPN Service was led by France and the Netherlands, with several other nations supporting the investigation since…
-
Liberty Mutual Sued Over Alleged Everest Group Data Theft
Incident Comes Months After NYS Fined Liberty Mutual $2M in Other Hacks. Insurance carrier Liberty Mutual is facing proposed class action litigation filed by policyholders who allege their sensitive information was compromised in an April data theft claimed by cybercrime gang Everest Group. The incident is the latest of the company’s data security-related troubles. First seen…
-
Inside a Crypto Drainer: How to Spot it Before it Empties Your Wallet
Modern crypto drainers don’t hack wallets. They trick users into approving malicious transactions. Flare explores how the Lucifer DaaS platform scales wallet theft through phishing and automation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/inside-a-crypto-drainer-how-to-spot-it-before-it-empties-your-wallet/
-
Police seize “First VPN” service used in ransomware, data theft attacks
A virtual private network service called ‘First VPN,’ used in ransomware and data theft attacks, has been taken offline in a joint international law enforcement operation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-seize-first-vpn-service-used-in-ransomware-data-theft-attacks/
-
Fake Invitation Phishing Campaign Steals Credentials From U.S. Organizations
A large-scale phishing campaign leveraging fake event invitations is actively targeting U.S. organizations, combining credential theft, OTP interception, and remote access tool abuse into a single attack chain. The campaign stands out due to its repeatable phishing framework, which allows threat actors to rapidly generate event-themed lure pages at scale. These pages often begin with…
-
Why Smaller Healthcare Providers Remain Easy Targets
Recent Hacks Underscore Persistent and Growing Threats to Smaller Organizations. Small and mid-sized healthcare organizations – including medical specialty practices and regional clinics – continue to fall victim disproportionately to hacking incidents, including ransomware attacks and data thefts – affecting large populations of patients. Why does this keep happening? First seen on govinfosecurity.com Jump to…
-
GitHub Confirms Breach, 4K Internal Repos Stolen
Open source software giant GitHub confirmed a data breach this week involving the theft of thousands of repos. One threat actor, TeamPCP, took credit. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/github-confirms-breach-4k-internal-repos-stolen
-
Ukraine probes teen suspect in cyber theft scheme targeting California online shoppers
The investigation began after U.S. authorities informed their Ukrainian counterparts that hackers operating from Ukraine could be involved in attacks targeting users of American e-commerce platforms, Ukraine’s Prosecutor General said. First seen on therecord.media Jump to article: therecord.media/ukraine-probes-teen-suspect-cyber-theft-scheme
-
GitHub Source Code Reportedly Compromised, TeamPCP Claims Breach
A threat actor group known as TeamPCP has claimed responsibility for a significant breach involving GitHub’s internal systems, alleging the theft of sensitive source code and proprietary organizational data. The group is currently offering the allegedly stolen dataset for sale on underground cybercrime forums, with asking prices reportedly exceeding $50,000. According to posts shared on…
-
Microsoft Self-Service Password Reset abused in Azure data theft attacks
A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate applications and administration features. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-self-service-password-reset-abused-in-azure-data-theft-attacks/

