Tag: theft
-
FortiGate firewalls hit by silent SSO intrusions and config theft
Admins say attackers are still getting in despite recent patches First seen on theregister.com Jump to article: www.theregister.com/2026/01/22/fortigate_firewalls_hit_by_silent/
-
Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs
Security vulnerabilities were uncovered in the popular open-source artificial intelligence (AI) framework Chainlit that could allow attackers to steal sensitive data, which may allow for lateral movement within a susceptible organization.Zafran Security said the high-severity flaws, collectively dubbed ChainLeak, could be abused to leak cloud environment API keys and steal sensitive files, or First seen…
-
Discord Exploited to Spread Clipboard Hijacker Stealing Cryptocurrency Funds
CloudSEK’s STRIKE team has uncovered a sophisticated cryptocurrency theft operation orchestrated by the threat actor >>RedLineCyber,<< who deliberately impersonates the notorious RedLine Solutions to establish credibility within underground communities. Rather than collecting comprehensive system data, the malware employs a highly targeted approach: continuously monitoring the Windows clipboard for cryptocurrency wallet addresses and performing silent substitution…
-
SolyxImmortal Malware Abuses Discord to Quietly Harvest Sensitive Information
A newly discovered information-stealing malware, SolyxImmortal, has emerged as a persistent surveillance threat targeting Windows users. Distributed through underground Telegram channels, this Python-based implant combines credential theft, document harvesting, keystroke logging, and screen capture capabilities into a continuously running surveillance framework that operates silently in the background. First detected in January 2026, the malware prioritizes…
-
Mandiant pushes organizations to dump insecure NTLMv1 by releasing a way to crack it
Tags: attack, authentication, computer, credentials, crypto, cve, data, data-breach, email, encryption, group, Hardware, international, mandiant, microsoft, network, ntlm, phishing, risk, service, supply-chain, theft, threat, vulnerability, windowspass-the-hash. The benefit is time and money saved: Mandiant reckons its rainbow table allows the recovery of an NTLMv1 key in 12 hours using a computer costing $600, rather than relying on third party services or expensive hardware to brute-force the keys.None of this makes NTLMv1 less secure or easier to target than it already…
-
OverAir Software Updates Pose Risks to Vehicles
eSync Alliance Chair Shrikant Acharya on How Standardization Can Prevent Breaches. Over-the-air updates are an irreplaceable part of software-defined vehicles, giving manufacturers a convenient way of remotely fixing and upgrading vehicles. If not appropriately secured, over-the-air updates can become a gateway for data theft, malware injection, vehicle theft and even injury. First seen on govinfosecurity.com…
-
Redmi Buds Vulnerability Could Allow Call Data Theft and Firmware Instability
Xiaomi’s Redmi Buds series faces critical security flaws that enable attackers to steal sensitive call data and crash devices without authentication. Two newly disclosed vulnerabilities affect Redmi Buds 3 Pro through 6 Pro, allowing unauthenticated adversaries within Bluetooth range to access private phone numbers and trigger repeated denial of service conditions. The vulnerabilities stem from…
-
Eurail customer database hacked
Identification data: First name, last name, date of birth, genderContact details: Email address, home address, telephone numberPassport details: Passport number, country of issue and expiry date No further details about the attack are available. According to Eurail, the investigation is ongoing. But at this time there is no indication the data was misused or publicly…
-
For-Profit Monroe University Notifies 321,000 of Data Theft
Health Info in Mix With Compromised Data in Latest Breach Hitting a School. A for-profit university with campuses in New York and the Caribbean is notifying nearly 321,000 individuals of a December 2024 data theft incident that compromised their personal and health information. Monroe University is among the latest educational institutions disclosing hacks. First seen…
-
PharMerica Will Pay at Least $5.2M to Settle Hack Lawsuit
Ransomware Gang Money Message Claimed It Exfiltrated 4.7TB of Firm’s Data. Pharmacy services firm PharMerica will pay at least $5.27 million – plus millions more on enhancing its security – as part of a preliminary class action settlement approved this week by a federal court involving a 2023 data theft incident the company reported as…
-
South Korean giant Kyowon confirms data theft in ransomware attack
The Kyowon Group (Kyowon), a South Korean conglomerate, disclosed that a cyberattack has disrupted its operations and customer information may have been exposed in the incident. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/south-korean-giant-kyowon-confirms-data-theft-in-ransomware-attack/
-
SpyCloud Launches Supply Chain Solution to Combat Rising Third-Party Identity Threats
Tags: access, ai, authentication, breach, business, communications, compliance, credentials, cybercrime, cybersecurity, dark-web, data, data-breach, defense, government, grc, group, identity, incident response, infosec, infrastructure, malware, monitoring, phishing, ransomware, risk, risk-management, service, supply-chain, technology, theft, threat, toolFor government agencies and critical infrastructure operators, supply chain threats present national security risks that demand heightened vigilance. Public sector organizations managing sensitive data and critical services increasingly rely on contractors and technology vendors whose compromised credentials could provide adversaries with pathways into classified systems or essential infrastructure. Last year alone, the top 98 Defense…
-
Microsoft seizes RedVDS infrastructure, disrupts fast-growing cybercrime marketplace
Tags: attack, credentials, cybercrime, infrastructure, marketplace, microsoft, phishing, service, theft, toolThe service became a prolific tool for cybercriminals in the past year, as it facilitated thousands of attacks involving credential theft, account takeovers, mass phishing and payment diversion fraud. First seen on cyberscoop.com Jump to article: cyberscoop.com/microsoft-seizes-disrupts-redvds-cybercrime-marketplace/
-
Reprompt attack hijacked Microsoft Copilot sessions for data theft
Researchers identified an attack method dubbed “Reprompt” that could allow attackers to infiltrate a user’s Microsoft Copilot session and issue commands to exfiltrate sensitive data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/reprompt-attack-let-hackers-hijack-microsoft-copilot-sessions/
-
Multiple Elastic Vulnerabilities Could Lead to File Theft and DoS
Elastic has released urgent security patches addressing four significant vulnerabilities in Kibana that could enable attackers to steal sensitive files, trigger service outages, and exhaust system resources. The advisories, published on January 14, 2026, affect multiple Kibana versions spanning from 7.x through 9.2.3. Critical File Disclosure and SSRF Vulnerability The most severe flaw, CVE-2026-0532, has…
-
More than 40 countries impacted by North Korea IT worker scams, crypto thefts
Eleven countries led a session at the UN headquarters in New York centered around a 140-page report released last fall that covered North Korea’s extensive cyber-focused efforts to fund its nuclear and ballistic weapons program. First seen on therecord.media Jump to article: therecord.media/40-countries-impacted-nk-it-thefts-united-nations
-
Threat actor claims the theft of full customer data from Spanish energy firm Endesa
Endesa disclosed a data breach exposing full customer data, including contact details, national ID numbers, and payment information. Spanish energy firm Endesa disclosed a data breach, threat actors stole full customer data, including contact details, national ID numbers, and payment information. >>In this regard, we regret to inform you that Endesa EnergÃa has detected a…
-
Android Banking Malware deVixor Actively Targeting Users with Ransomware Capabilities.
A sophisticated Android banking trojan known as deVixor has emerged as a significant threat to mobile users, combining financial data theft, device surveillance, and ransomware capabilities into a single malicious platform. Active since October 2025, the malware represents a concerning evolution in Android-based financial threats, targeting victims through fake automotive websites and leveraging Telegram infrastructure…
-
Everest Ransomware Claims Breach at Nissan, Says 900GB of Data Stolen
Everest ransomware claims to have breached Nissan Motor Corporation, alleging the theft of 900GB of internal data, including documents and screenshots. First seen on hackread.com Jump to article: hackread.com/everest-ransomware-nissan-data-breach/
-
At least $26 million in crypto stolen from Truebit platform as crypto crime landscape evolves
The theft continues a trend from the last two years, when hackers stole billions worth of cryptocurrency from both platforms and asset owners. First seen on therecord.media Jump to article: therecord.media/26-million-in-crypto-stolen-truebit
-
London council cyber attack exposes personal data and highlights risks of shared public-sector IT
A cyber attack on shared IT systems used by several London councils has resulted in the theft of personal data relating to thousands of residents, raising renewed concerns about the resilience of local government cyber security and the risks posed by interconnected public-sector infrastructure. Kensington and Chelsea Council confirmed that sensitive personal information was accessed…
-
Russia’s Fancy Bear APT Doubles Down on Global Secrets Theft
The notorious Russian state-sponsored group relies on basic techniques that are highly effective, often delivering greater ROI than more complex malware-heavy operations. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/russian-apt-credentials-global-targets
-
Cisco identifies vulnerability in ISE network access control devices
rotate ISE credentials for those with existing and approved access;ensure only those who need access have credentials;reduce the number of devices that can access the ISE server;patch as soon as it’s possible to take the server offline.In its notice to customers, Cisco says a vulnerability [CVE-2026-20029] in the licensing features of ISE and Cisco ISE…
-
Cryptohack Roundup: Alleged Fraud Kingpin Deported to China
Also: Unleash Protocol Hack, LastPass Breach Linked to Crypto Thefts. This week, an alleged fraud kingpin deported to China, Bitfinex hacker gained early release, Unleash Protocol’s $3.9M hack, TRM tied crypto thefts to the LastPass breach, Trust Wallet’s link to the Sha1-Hulud attack, Flow’s NFT loan fallout, Ledger’s data exposure and Kontigo reimbursements. First seen…
-
BlueDelta Hackers Target Microsoft OWA, Google, and Sophos VPN to Steal Credentials
A sophisticated credential-harvesting operation conducted by BlueDelta, a Russian state-sponsored threat group linked to the GRU’s Main Directorate, targeted critical infrastructure organizations and research institutions throughout 2025, according to a comprehensive investigation by Recorded Future’s Insikt Group. The campaign, spanning February through September 2025, represents a significant evolution in the group’s persistent credential-theft operations, with…
-
ownCloud Warns Users to Enable MFA After Credential Theft Incident
ownCloud has issued an urgent security advisory urging users to enable Multi-Factor Authentication (MFA) following a credential theft incident reported by threat intelligence firm Hudson Rock. The incident, discovered in January 2026, affected organizations using self-hosted file-sharing platforms, including some ownCloud Community Edition deployments. What Happened The incident did not result from any vulnerability or…