Credential Theft
153 article(s)
🗓 09 Jan 2026 · 👤 LOGICFALCON · 🌍 Europe
Russian state hackers known as APT28 orchestrated a 2025 credential-stealing campaign targeting energy and policy organizations across Eurasia. Using fake login pages and real policy documents, they exploited disposable internet services to exfiltrate sensitive data, exposing critical vulnerabilities in the energy sector.
🗓 09 Jan 2026 · 👤 TRUSTBREAKER · 🌍 Europe
Russia’s notorious Fancy Bear hacking group has shifted to basic but effective credential harvesting, targeting strategic organizations worldwide with low-cost phishing emails and fake login pages. Experts warn these attacks are more widespread—and dangerous—than they appear.
🗓 09 Jan 2026 · 👤 LOGICFALCON
Two fake AI Chrome extensions, disguised as productivity tools, secretly stole private conversations and browsing data from 900,000 users—revealing the risks lurking in even trusted browser stores.
🗓 09 Jan 2026 · 👤 TRUSTBREAKER · 🌍 South America
Cybercriminals are using WhatsApp’s trusted platform to spread the Astaroth banking trojan across Brazil. The attack uses automated messages, stolen contact lists, and time-specific greetings to propagate itself, putting millions at risk.
🗓 08 Jan 2026 · 👤 LOGICFALCON · 🌍 North America
Bryan Fleming, the founder of pcTattletale, has pleaded guilty to federal charges for running a notorious stalkerware empire. The case marks a turning point in the fight against digital surveillance abuse.
🗓 08 Jan 2026 · 👤 TRUSTBREAKER
A wave of ownCloud breaches in 2026 reveals that infostealer malware and missing MFA, not software flaws, left organizations exposed—underscoring the critical need for defense-in-depth in self-hosted file sharing.
🗓 08 Jan 2026 · 👤 LOGICFALCON · 🌍 Europe
BlueDelta, a GRU-linked Russian hacker group, escalated credential-harvesting attacks in 2025 using sophisticated phishing campaigns targeting Microsoft OWA, Google, and Sophos VPN. Their evolving tactics, including authentic-looking PDFs and multi-stage redirection, outsmarted even seasoned professionals in critical sectors.
🗓 08 Jan 2026 · 👤 TRUSTBREAKER · 🌍 Asia
ToddyCat, a stealthy cyber-espionage group, has weaponized Microsoft Exchange vulnerabilities to infiltrate organizations across Europe and Asia. Learn how their evolving malware and advanced evasion techniques threaten enterprise security—and what defenders can do about it.
🗓 07 Jan 2026 · 👤 LOGICFALCON · 🌍 Middle-East
A wave of credential theft attacks has hit ownCloud users, exposing sensitive corporate data. The company urges immediate adoption of multi-factor authentication to prevent future breaches.
🗓 07 Jan 2026 · 👤 TRUSTBREAKER · 🌍 Middle-East
A single hacker used infostealer malware and stolen passwords to breach 50 major companies worldwide, exposing sensitive data due to basic security oversights like missing multi-factor authentication.
