credential theft

The Megalodon supply chain attack compromised over 5,500 GitHub repositories within six hours by injecting malicious GitHub Actions workflows designed to steal cloud credentials, API keys, SSH keys, and CI/CD secrets.

A recent analysis reveals that hackers are targeting over 70 Microsoft Exchange servers to steal credentials using JavaScript keyloggers. Learn about the vulnerabilities exploited and the impact on organizations worldwide.

The Prometei botnet has resurfaced, targeting Linux servers for cryptocurrency mining and credential theft. Discover the sophisticated techniques used in this malware operation and how it poses a threat to enterprise infrastructure.

A new phishing campaign targeting employees uses fake TxTag toll payment notices and government domain spoofing to steal personal and financial information. Learn how to recognize and avoid this sophisticated scam.

Business Email Compromise (BEC) attacks are stealthy, effective, and devastating. With no malware involved, these attacks bypass traditional security filters, trick employees, and siphon sensitive data or funds. But with real-time visibility through interactive sandboxing and endpoint protection like Net Protector, businesses can stay one step ahead.

Google’s trusted scripting platform is the latest weapon in phishing arsenals, helping attackers craft convincing credential-stealing campaigns that evade traditional email filters. Cybercriminals are leveraging Google Apps Script, a legitimate tool in Google’s Workspace suite, to host phishing pages that appear trustworthy to both users and security systems. According to research by Cofense, attackers are disguising these pages as authentic login portals to trick users into submitting their credentials — all while operating under the umbrella of a trusted Google domain.

A new phishing campaign weaponizes malformed URLs to bypass email filters and steal Microsoft 365 credentials—even bypassing two-factor authentication. Researchers have linked the attack to Tycoon2FA, a notorious Phishing-as-a-Service (PhaaS) operation that enables adversary-in-the-middle (AitM) interception of login sessions. The threat actors behind this campaign are using subtle but dangerous techniques to trick both users and security systems.

The infamous Vidar Stealer malware has returned with a dangerous new trick—pretending to be Microsoft’s BGInfo.exe, a tool trusted by IT professionals. This new version is designed to silently steal browser cookies, stored passwords, and crypto wallet data.

A new ransomware campaign called XELERA is tricking job seekers with fake job offers from the Food Corporation of India (FCI). Victims receive malicious Word documents via email, which install ransomware and steal personal data. The attack also uses Discord bots to control infected computers remotely.