Credential Theft Archives • Page 3 of 5 • Daily CyberSecurity

VSCode Supply Chain Compromise: 12 Malicious Extensions Steal Source Code and Open Remote Shells VSCode Source Code Theft, Malicious Extensions

VSCode Source Code Theft, Malicious Extensions

VSCode Supply Chain Compromise: 12 Malicious Extensions Steal Source Code and Open Remote Shells

Do Son October 30, 2025

The HelixGuard Threat Intelligence Team has uncovered a widespread supply chain compromise affecting the Visual Studio Code...

Critical MikroTik Flaw (CVE-2025-61481, CVSS 10.0) Exposes Router Admin Credentials Over Unencrypted HTTP WebFig MikroTik HTTP Credential Leak, WebFig MitM CVE-2025-61481

MikroTik HTTP Credential Leak, WebFig MitM CVE-2025-61481

Critical MikroTik Flaw (CVE-2025-61481, CVSS 10.0) Exposes Router Admin Credentials Over Unencrypted HTTP WebFig

Do Son October 29, 2025

A newly disclosed vulnerability, CVE-2025-61481, rated a maximum CVSS score of 10.0, affects MikroTik RouterOS (v7.14.2) and...

Qilin RaaS Expands Global Impact: 40+ Victims/Month, Cyberduck Abuse, and WDigest Credential Theft Qilin RaaS, Cyberduck Credential Theft

Qilin RaaS Expands Global Impact: 40+ Victims/Month, Cyberduck Abuse, and WDigest Credential Theft

Do Son October 28, 2025

In its latest analysis covering the second half of 2025, researchers from Cisco Talos have revealed that...

Lumma Infostealer MaaS Campaign Uses NSIS/AutoIt and MEGA Cloud to Steal Credentials via Pirated Software Lumma MaaS, NSIS AutoIt

Lumma Infostealer MaaS Campaign Uses NSIS/AutoIt and MEGA Cloud to Steal Credentials via Pirated Software

Do Son October 23, 2025

Researchers at the Genians Security Center (GSC) have uncovered an active Lumma Infostealer campaign leveraging AutoIt scripts,...

SEQRITE Labs Uncovers “CAPI Backdoor” Campaign Targeting Russia’s Automobile and E-Commerce Sectors CAPI Banking Trojan, LNK Persistence

SEQRITE Labs Uncovers “CAPI Backdoor” Campaign Targeting Russia’s Automobile and E-Commerce Sectors

Do Son October 20, 2025

Researchers at SEQRITE Labs have uncovered a targeted spear-phishing campaign aimed at organizations in Russia’s automobile and...

Akira Ransomware Revives SonicWall Flaw CVE-2024-40766, Uses ‘UnPAC the Hash’ to Breach Networks

Do Son October 13, 2025

Between July and August 2025, global security teams have observed a resurgence in Akira ransomware incidents targeting...

New Shuyal Stealer Malware Targets 19 Browsers, Disables Windows Task Manager for Stealth Shuyal Stealer, Task Manager Evasion

New Shuyal Stealer Malware Targets 19 Browsers, Disables Windows Task Manager for Stealth

Do Son October 8, 2025

Security researchers at Point Wild have uncovered a new information-stealing malware dubbed Shuyal Stealer, which pushes the...

SideWinder APT Launches Operation SouthNet, Weaponizing Netlify and Pages.dev for Espionage NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

SideWinder APT Launches Operation SouthNet, Weaponizing Netlify and Pages.dev for Espionage

Do Son October 7, 2025

A new report from Hunt Intelligence reveals that APT SideWinder — one of South Asia’s most active...

TamperedChef Malware: Fake PDF Editor Stole Credentials After Two Months of Covert Operation TamperedChef, Malvertising

TamperedChef Malware: Fake PDF Editor Stole Credentials After Two Months of Covert Operation

Do Son October 6, 2025

Cybersecurity researchers at WithSecure’s Strategic Threat Intelligence & Research Group (STINGR) have uncovered a highly sophisticated malware...

UAT-8099: Chinese Group Uses BadIIS Malware on Compromised Servers for SEO Fraud and Credential Theft TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

UAT-8099: Chinese Group Uses BadIIS Malware on Compromised Servers for SEO Fraud and Credential Theft

Do Son October 3, 2025

Cisco Talos researchers have detailed the activities of UAT-8099, a Chinese-speaking cybercrime group leveraging compromised Microsoft IIS...

Stealerium: How an Open-Source Infostealer Is Being Used in Phishing Campaigns Stealerium, infostealer

Stealerium: How an Open-Source Infostealer Is Being Used in Phishing Campaigns

Do Son September 4, 2025

Proofpoint threat researchers have uncovered a surge in campaigns distributing Stealerium-based malware, an open-source infostealer first released...

A Deceptive Ad Campaign Is Stealing Credentials from the Hospitality Industry the phishing page prompts for OTP codes sent via SMS

A Deceptive Ad Campaign Is Stealing Credentials from the Hospitality Industry

Do Son September 2, 2025

Okta Threat Intelligence is sounding the alarm over a large-scale phishing campaign that has been actively impersonating...

Unraveling a Phishing Spree That Abuses Email Marketing and Cloud Services Phishing, URL redirectors

Unraveling a Phishing Spree That Abuses Email Marketing and Cloud Services

Do Son September 1, 2025

Researchers at Trustwave SpiderLabs have published an analysis showing a significant uptick in phishing campaigns that rely...

New Zero-Click Flaw Bypasses Microsoft’s Patch, Leaking NTLM Credentials, PoC Available Smart App Control blocking Armoury Crate, ROG Ally Defender false positive 2026 Microsoft Zero-Day, Cloud Files UAF Microsoft Access end of life CVE-2025-21298 Azure Vulnerabilities

Smart App Control blocking Armoury Crate, ROG Ally Defender false positive 2026 Microsoft Zero-Day, Cloud Files UAF Microsoft Access end of life CVE-2025-21298 Azure Vulnerabilities

New Zero-Click Flaw Bypasses Microsoft’s Patch, Leaking NTLM Credentials, PoC Available

Do Son August 13, 2025

Cymulate Research Labs has uncovered a critical zero-click NTLM credential leakage vulnerability—CVE-2025-50154—that bypasses Microsoft’s April 2025 patch...

PoisonSeed’s MFA-Resistant Phishing Kit Exposed: A Deep Dive into Precision-Validated Credential Theft

Do Son August 13, 2025

A new NVISO investigation has revealed the inner workings of PoisonSeed, a sophisticated threat actor whose tactics...

EPM Poisoning (CVE-2025-49760): New Windows RPC Exploit Hijacks Services, Allowing Full Active Directory Compromise, PoC Releases

Do Son August 12, 2025

Security researcher Ron Ben Yizhak from SafeBreach Labs has uncovered a novel attack technique dubbed Endpoint Mapper...

PyPI Warns of Sophisticated Phishing Campaign Targeting Python Developers Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft