Fake NuGet packages recently infiltrated the .NET ecosystem, targeting ASP.NET developers to steal credentials and inject persistent backdoors. Discover how the attack unfolded, evaded detection, and what it means for software supply chain security.
The CharlieKirk Grabber malware is shaking up the cybercrime landscape with its rapid-fire approach to credential theft, exploiting trusted Windows tools and cloud platforms to steal browser logins, tokens, and more before victims notice.
A single compromised government credential allowed hackers to access France’s FICOBA registry, exposing 1.2 million bank accounts. Authorities are scrambling to contain the fallout and warn citizens about rising phishing scams.
A cyber intruder exploited a single set of stolen credentials to access France’s national bank account registry, exposing sensitive data from 1.2 million accounts. The breach highlights dangerous gaps in privilege management and leaves millions at risk of scams.
A surge in cyberattacks driven by stolen credentials and supply-chain vulnerabilities is putting businesses at unprecedented risk. Dataminr's latest report shows how hackers are using AI and third-party platform exploits to breach organizations on a massive scale.
Cybercriminals are hijacking trusted Homebrew installation workflows using lookalike domains and copy-paste commands to deliver Cuckoo Stealer malware on macOS. This investigative feature exposes the tactics behind ClickFix attacks and the lessons for the developer community.
OpenClaw’s major update introduces advanced Anthropic model support, but a credential theft incident exposes new risks as infostealer malware targets the popular AI assistant’s configuration files.
A global malware campaign is abusing Google Groups and trusted Google-hosted URLs to deliver credential-stealing malware. Windows users are targeted with Lumma Stealer, while Linux users are lured into installing a trojanized 'Ninja Browser.' CTM360 exposes the technical tricks and risks behind this alarming new wave of attacks.
Cybercriminals exploited an abandoned Outlook add-in, hijacking it to steal thousands of Microsoft account credentials and credit card numbers. This supply chain attack highlights a dangerous blind spot in Microsoft’s add-in vetting process and serves as a warning for all users.
Cybercriminals are moving away from flashy ransomware and toward stealthy, persistent attacks—becoming digital parasites that live undetected inside networks. Here’s how their tactics are changing, and what defenders must do to keep up.