Advertisement

BioShocking Attack: AI Browsers Leak Credentials Via Deception
LayerX's BioShocking technique exploits AI browsers like ChatGPT Atlas, Perplexity Comet, and Claude to leak user credentials through deceptive game scenarios.
Amazon Q Flaw: Cloud Credential Theft via Malicious Repositories
AWS patches a critical Amazon Q flaw enabling cloud credential theft via malicious repositories. Understand its impact and recommended mitigations.

FortiBleed: FortiGate Firewalls Used as Credential Stealers
Threat actors deploy Golang sniffers in the FortiBleed campaign, compromising 430,000 FortiGate firewalls to steal 110 million credentials globally.

MongoBleed: Unauthenticated Credential Theft via Server Memory
Analysis of MongoBleed, a critical vulnerability enabling unauthenticated credential and session token extraction from server memory, highlighting attack surface
Toshiba and Muji Impacted by Polyfill Supply Chain Attack
Toshiba and Muji have warned of malicious login prompts appearing on their sites. This follows the takeover of the Polyfill.io domain used for script injection.
2026 Verizon DBIR Analysis: Securing the Browser Against Phishing
The 2026 Verizon DBIR identifies browser-layer security gaps as a primary threat vector, highlighting risks from phishing, shadow AI, and malicious extensions.

FIFA World Cup 2026 Phishing: Fake Domains and Banking Malware
The FBI and security researchers warn of FIFA World Cup 2026 scams involving thousands of lookalike domains and banking malware in pirate streaming apps.

IronWorm: Rust-Written Malware Hits npm Supply Chain Developers
Analysis of the Rust-written IronWorm malware targeting npm supply chain developers. Learn how it steals credentials and propagates, and discover essential mitigation
Red Hat npm Supply Chain Compromise: Miasma Steals Dev Credentials
Over 30 Red Hat npm packages under @redhat-cloud-services were compromised in a supply chain attack distributing Miasma malware to steal developer credentials.

Miasma Supply Chain Attack: Defending Red Hat npm Environments
Analysis of the Miasma supply chain attack targeting Red Hat npm packages with credential-stealing worms. Technical details and mitigation guide for SOC teams.
Romanian Hacker Sentenced for Breach of Oregon Government Networks
Adrian-Tiberiu Oprea sentenced to 56 months for a multi-year cyber campaign targeting Oregon government systems and dozens of U.S. organizations.
Ajax Football Club Hack: Suspect Arrested in Almere Data Breach
Dutch police arrested a 35-year-old suspect linked to the AFC Ajax data breach involving the theft of sensitive personal data of players and staff.