Security News

How New AI Agents Will Transform Credential Stuffing Attacks
2025-03-04 11:00

Credential stuffing attacks had a huge impact in 2024, fueled by a vicious circle of infostealer infections and data breaches. But things could be about to get worse still with Computer-Using...

Microsoft names alleged credential-snatching 'Azure Abuse Enterprise' operators
2025-02-28 04:02

Crew helped lowlifes generate X-rated celeb deepfakes using Redmond's OpenAI-powered cloud – claim Microsoft has named four of the ten people it is suing for allegedly snatching Azure cloud...

Hackers pose as employers to steal crypto, login credentials
2025-02-20 10:00

Since early 2024, ESET researchers have been tracking DeceptiveDevelopment, a series of malicious campaigns linked to North Korea-aligned operators. Disguising themselves as software development...

New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials
2025-02-18 07:04

Security vulnerabilities have been disclosed in Xerox VersaLink C7025 Multifunction printers (MFPs) that could allow attackers to capture authentication credentials via pass-back attacks via...

Russia's Sandworm caught snarfing credentials, data from American and Brit orgs
2025-02-12 17:00

'Near-global' initial access campaign active since 2021 An initial-access subgroup of Russia's Sandworm last year wriggled its way into networks within the US, UK, Canada and Australia, stealing...

North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials
2025-02-06 11:05

The North Korea-linked nation-state hacking group known as Kimsuky has been observed conducting spear-phishing attacks to deliver an information stealer malware named forceCopy, according to new...

Hackers spoof Microsoft ADFS login pages to steal credentials
2025-02-05 18:41

A help desk phishing campaign targets an organization's Microsoft Active Directory Federation Services (ADFS) using spoofed login pages to steal credentials and bypass multi-factor authentication...

Microsoft SharePoint Connector Flaw Could've Enabled Credential Theft Across Power Platform
2025-02-04 04:29

Cybersecurity researchers have disclosed details of a now-patched vulnerability impacting the Microsoft SharePoint connector on Power Platform that, if successfully exploited, could allow threat...

Broadcom Patches VMware Aria Flaws – Exploits May Lead to Credential Theft
2025-01-31 05:49

Broadcom has released security updates to patch five security flaws impacting VMware Aria Operations and Aria Operations for Logs, warning customers that attackers could exploit them to gain...

VMware plugs steal-my-credentials holes in Cloud Foundation
2025-01-30 22:00

Consider patching soon because cybercrooks love to hit vulnerable tools from Broadcom's virtualization giant Broadcom has fixed five flaws, collectively deemed "high severity," in VMware's IT...