Tag: Credential Theft
Attackers Abuse CAPTCHA and ClickFix Tactics to Boost Credential Theft Campaigns
Microsoft tracked 8.3 billion email-based phishing threats in Q1 2026 as CAPTCHA-gated attacks more than doubled in March, hitting 11.9…
Over 30,000 Facebook Accounts Compromised in Google AppSheet Phishing Attack
Attackers exploited Google's legitimate no-code AppSheet platform to create and host fake login pages, evading traditional security filters and stealing…
Malicious Ruby Gems and Go Modules Target CI Pipelines for Credential Theft
Attackers are exploiting automated CI build processes by embedding credential-harvesting code into fake updates of widely-used open source packages.
PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials
The compromise cascaded from PyPI to npm to Packagist when a transitive dependency of pyannote-audio introduced the malicious Lightning package…
New DEEP#DOOR Python Backdoor Targets Browser and Cloud Credentials via Tunneling Service
The malware’s watchdog mechanism automatically recreates removed persistence artifacts, and its use of bore.pub eliminates the need for dedicated attacker…
Ransomware Group Harvests Remote Desktop Logins from Victim Systems
Qilin ransomware uses a PowerShell script to extract and exfiltrate stored RDP connection records from the Windows registry to plan…
Malicious npm Package Targets Bitwarden Users in Multi Stage Supply Chain Attack
The attack leverages a trojanized npm package to steal credentials from developer environments connected to Bitwarden CLI workflows.
TeamPCP Moves From OSS to AWS Environments Using Stolen Credentials
The TeamPCP hacking group used compromised credentials from the Trivy supply chain attack to access AWS environments, enumerate containers, and…