To counter cookie theft, Chrome ships device-bound session credentials
Cookie theft follows a well-established pattern. Infostealer malware infiltrates a device, extracts authentication cookies, and exfiltrates them to an attack...
MITRE ATT&CK Mapping
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
T1078 — Valid Accounts (Initial Access)
Clear filter32 articles found
HPE Aruba Private 5G Vulnerability Opens Door to Credential Theft Attacks
A newly disclosed security flaw in HPE Aruba Networking Private 5G Core On-Prem is putting enterprise networks at severe risk of credential theft. Documented...
Bitcoin Depot hack leads to $3.6M Bitcoin theft via stolen credentials
Hackers breached Bitcoin Depot, stole credentials, and took about 50 BTC worth $3.6M from its wallets after a March 23 intrusion.
When attackers already have the keys, MFA is just another door to open
Stolen credentials turn authentication systems into the attack surface. Token shows how wearable biometric authentication verifies the user—not the session—b...
Top 10 Best Multi-Factor Authentication (MFA) Providers in 2026
In the digital realm of 2026, the traditional password stands as a flimsy barrier against an onslaught of sophisticated cyber threats. From phishing campaign...
Hackers exploit React2Shell in automated credential theft campaign
Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js apps.
New Phishing Platform Used in Credential Theft Campaigns Against C-Suite Execs
A large-scale credential theft campaign targeting senior executives has been linked to a previously unknown automated phishing platform called Venom
New 'Storm' Infostealer Remotely Decrypts Stolen Credentials
This modern infostealer adopted server-side decryption of stolen credentials to bypass security controls
Cyberattacks powered by stolen credentials on the rise
Cybersecurity incidents are increasingly centered on identity abuse, where stolen login credentials serve as the primary entry point for attackers, and the g...
Security awareness is not a control: Rethinking human risk in enterprise security
Organizations have been responding to phishing, business email compromise, and credential theft in essentially the same manner for over ten years. They essen...
Cisco source code stolen in Trivy-linked dev environment breach
Cisco has suffered a cyberattack after threat actors used stolen credentials from the recent Trivy supply chain attack to breach its internal development env...
Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks
Report shows how industrialized credential theft underpins ransomware, SaaS breaches, and geopolitical attacks, shifting security focus from prevention to de...
TeamPCP Moves From OSS to AWS Environments
After validating stolen credentials using TruffleHog, the hacking group started AWS services enumeration and lateral movement activities. The post TeamPCP Mo...
DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials
A new campaign has leveraged the ClickFix social engineering tactic as a way to distribute a previously undocumented malware loader referred to as DeepLoad.
Cybercriminals Exploit Tax Season With New Phishing Tactics
Tax-season phishing floods deliver RMM malware, credential theft, BEC and tax-form scams
Russian Hackers Deploy “CTRL” for RDP Hijacking
Russian hackers are using a new remote access toolkit called “CTRL” to silently hijack Remote Desktop Protocol (RDP) sessions via FRP-based reverse tunnels, ...
LiteLLM supply chain attack exposes millions to credential theft
Researchers at Endor Labs, have discovered a supply chain attack on the popular Python package LiteLLM on PyPI, with malicious code injected into versions 1.82.
U.S. CISA adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog
The U.S.
Inside a Modern Fraud Attack: From Bot Signups to Account Takeovers
Multi-stage fraud attacks chain bots, proxies, and stolen credentials from signup to takeover. IPQS shows why correlating IP, device, identity, and behavior ...
Preventing Account Takeovers: A Practical Guide to Detection and Response
Yesterday’s password leak can become tomorrow’s identity crisis. According to research firm Gitnux, account-takeover attacks jumped 354 percent in 2023, driv...