Credential Theft Archives • Daily CyberSecurity

Microsoft Exposes Malicious Typosquat Cluster Targeting Cloud Environments npm supply chain attack credential harvesting malware

Microsoft Exposes Malicious Typosquat Cluster Targeting Cloud Environments

Do Son May 29, 2026

Urgent Alert for DevOps Engineers Microsoft security analysts recently identified an active threat vector targeting modern software...

Critical 9.9 CVSS Flaw in Arcane Exposes GitOps Secrets to Basic Users Arcane Docker Vulnerability CVE-2026-45625

Critical 9.9 CVSS Flaw in Arcane Exposes GitOps Secrets to Basic Users

Do Son May 20, 2026

Arcane, the popular tool billed as “Modern Docker Management, Designed for Everyone”, has disclosed a severe security...

Urgent Update: Composer Vulnerability Leaks GitHub Secrets in Plaintext Logs (CVE-2026-45793) CVE-2026-40176, CVE-2026-40261 Composer GitHub Token Leak CVE-2026-45793

CVE-2026-40176, CVE-2026-40261 Composer GitHub Token Leak CVE-2026-45793

Urgent Update: Composer Vulnerability Leaks GitHub Secrets in Plaintext Logs (CVE-2026-45793)

Do Son May 14, 2026

In a critical security alert for the PHP community, Nils Adermann, Co-Creator of Composer, has issued an...

Vidar Stealer Weaponizes AutoIt and Masqueraded Scripts Vidar Stealer AutoIt File Extension Masquerading

Vidar Stealer Weaponizes AutoIt and Masqueraded Scripts

Do Son May 12, 2026

Threat actors are increasingly abandoning loud, easily identifiable malware in favor of subtle, script-based deceptions. A new...

The Compliance Trap: How a 13,000-Org Phishing Wave Bypasses MFA via AiTM Proxying AiTM Phishing Campaign Microsoft MFA Bypass

The Compliance Trap: How a 13,000-Org Phishing Wave Bypasses MFA via AiTM Proxying

Do Son May 5, 2026

Microsoft’s Defender Security Research and Threat Intelligence teams have sounded the alarm on a massive, highly sophisticated...

Scammers Weaponize Amazon SES to Bypass Security Amazon SES Phishing AWS IAM Credential Leak

Scammers Weaponize Amazon SES to Bypass Security

Do Son May 5, 2026

A recent report from Kaspersky Labs reveals a disturbing surge in phishing campaigns leveraging Amazon Simple Email...

The AI-Powered Cybercrime Factory: Unmasking the Bluekit “All-in-One” Phishing Revolution Bluekit Phishing AI-Powered Phishing

The AI-Powered Cybercrime Factory: Unmasking the Bluekit “All-in-One” Phishing Revolution

Do Son May 5, 2026

Security researchers at Varonis Threat Labs have dissected a new, all-in-one phishing platform dubbed Bluekit that is...

The Self-Parsing Ghost: Inside Deep#Door’s Stealthy Python Backdoor Deep#Door Backdoor Python RAT Framework

The Self-Parsing Ghost: Inside Deep#Door’s Stealthy Python Backdoor

Do Son May 4, 2026

Securonix Threat Research has detailed a sophisticated new Python-based backdoor framework dubbed Deep#Door. This high-tech implant exemplifies...

Waking the Sleepers: The BufferZoneCorp Campaign Poisoning Ruby and Go Ecosystems

Do Son May 2, 2026

Security researchers at Socket have uncovered a coordinated software supply chain campaign orchestrated through the GitHub account...

“TanStack”: Malicious Name-Squatting Campaign Steals Environment Secrets TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

“TanStack”: Malicious Name-Squatting Campaign Steals Environment Secrets

Do Son May 2, 2026

Security researchers have uncovered a supply-chain attack on npm targeting developers who mistakenly install the unscoped tanstack...

AI’s Open Secret: Why Your Cursor Extensions Can Silently Siphon Your API Keys Cursor AI Credential Theft AI Editor Security Oversight

AI’s Open Secret: Why Your Cursor Extensions Can Silently Siphon Your API Keys

Do Son April 30, 2026

In the fast-moving world of AI-assisted development, a significant security oversight has been uncovered in Cursor, a...

TeamPCP Hijacks Checkmarx in Sprawling Supply Chain Strike Checkmarx Supply Chain Attack TeamPCP

TeamPCP Hijacks Checkmarx in Sprawling Supply Chain Strike

Do Son April 23, 2026

The cybersecurity world is facing a sprawling supply chain compromise as official distribution channels for Checkmarx, a...

Supply Chain Alert: TeamPCP Strikes Popular AI Framework Xinference Xinference Supply Chain Attack TeamPCP

Supply Chain Alert: TeamPCP Strikes Popular AI Framework Xinference

Do Son April 23, 2026

The Python ecosystem is reeling from a sophisticated supply chain attack targeting Xinference (Xorbits Inference), a widely...

Storm: 2026’s Newest Infostealer Bypasses Chrome to Hijack Your MFA Sessions Storm Infostealer Session Cookie Theft

Storm: 2026’s Newest Infostealer Bypasses Chrome to Hijack Your MFA Sessions

Do Son April 9, 2026

A new and highly efficient threat has emerged on underground cybercrime networks, signaling a significant shift in...

Malicious VeloraDEX SDK Compromises Developer Machines via npm npm Supply Chain Attack @velora-dex/sdk Malware

Malicious VeloraDEX SDK Compromises Developer Machines via npm

Do Son April 8, 2026

Security researchers at StepSecurity have sounded the alarm on a compromised version of the @velora-dex/sdk package. On...

The Evolution of an Infostealer: Xloader 8.7 Unmasked Xloader Malware Information Stealer Phantom Stealer v3.5.0 DLL Sideloading Attack

The Evolution of an Infostealer: Xloader 8.7 Unmasked

Do Son April 7, 2026

ThreatLabz has released a deep-dive analysis into the latest iterations of Xloader, a notorious information-stealing malware that...

The 25-Second Heist: Inside FAUX#ELEVATE’s “Inflated” Phishing Attack on French Corporations FAUX#ELEVATE Living-off-the-Land Attack

The 25-Second Heist: Inside FAUX#ELEVATE’s “Inflated” Phishing Attack on French Corporations

Do Son March 31, 2026

Cybersecurity researchers at Securonix have detailed the curtain on a sophisticated new threat campaign dubbed FAUX#ELEVATE. The...

Inside the AI-Driven “Lure Factory” Flooding GitHub with Trojans AI-Generated Malware GitHub Trojan Campaign

Inside the AI-Driven “Lure Factory” Flooding GitHub with Trojans

Do Son March 29, 2026

A sophisticated and highly automated malware operation is currently flooding GitHub with hundreds of trojanized repositories. Dubbed...

The Fake VPN Trap: Microsoft Warns of Storm-2561 SEO Poisoning Campaigns Stealing Corporate Credentials

Do Son March 17, 2026

Cybersecurity investigators at Microsoft Defender Experts have sounded the alarm on a deceptive credential theft campaign targeting...

The Sleeper in Your Toolbar: How a “Featured” Chrome Extension Turned Into a Full-Scale Infostealer ShotBird extension malware

The Sleeper in Your Toolbar: How a “Featured” Chrome Extension Turned Into a Full-Scale Infostealer

Do Son March 12, 2026

A once-reputable Chrome extension has been caught moonlighting as a sophisticated malware delivery vehicle. ShotBird, a tool...