Credential Theft

WhatsApp Account Hijacking: Tactics, Detection, and Mitigation

Threat Intelligence

WhatsApp Account Hijacking: Tactics, Detection, and Mitigation

Cybercriminals are increasingly targeting WhatsApp accounts to impersonate victims and conduct fraudulent activities, such as emergency scams...

Credential Theft Defense: Detection and Mitigation Strategies

Blue-Team

Credential Theft Defense: Detection and Mitigation Strategies

Credential theft remains one of the most pervasive threats in cybersecurity, with Dark Reading reporting 11.3 million...

Rise in Credential Theft and Vulnerability Exploitation Dominates Cyber Threats in 2024

Threat Intelligence

Rise in Credential Theft and Vulnerability Exploitation Dominates Cyber Threats in 2024

Recent reports highlight a significant shift in cyberattack strategies, with vulnerability exploitation and credential theft now accounting...

Cookie-Bite Attack: Chrome Extension Exploit Bypasses MFA in Azure Entra ID

Red-Team

Cookie-Bite Attack: Chrome Extension Exploit Bypasses MFA in Azure Entra ID

A newly documented proof-of-concept attack named “Cookie-Bite” demonstrates how malicious Chrome extensions can hijack browser session cookies...

Malicious npm and PyPI Packages Impersonate Developer Tools to Steal Credentials

Threat Intelligence

Malicious npm and PyPI Packages Impersonate Developer Tools to Steal Credentials

Recent findings by the Socket Threat Research Team reveal a growing trend of threat actors uploading malicious...

Dell Unity Open Redirect Vulnerability (CVE-2025-24381): Risks and Mitigation

CVE News

Dell Unity Open Redirect Vulnerability (CVE-2025-24381): Risks and Mitigation

A high-severity open redirect vulnerability (CVE-2025-24381) has been identified in Dell Unity storage systems running versions 5.4...

10GB of Stolen Login Credentials Reportedly Leaked by Threat Actor

Data Breach

10GB of Stolen Login Credentials Reportedly Leaked by Threat Actor

A threat actor has allegedly obtained and leaked approximately 10GB of stolen login credentials, posing a significant...

Arcane Stealer Malware Targets Gamers via YouTube and Discord, Steals VPN Credentials

Malware Analysis

Arcane Stealer Malware Targets Gamers via YouTube and Discord, Steals VPN Credentials

A sophisticated malware campaign dubbed “Arcane Stealer” is actively targeting gamers and VPN users through compromised YouTube...

XE Group’s Cybercrime Evolution: From Credit Card Skimming to Zero-Day Exploitation

APT-News

XE Group’s Cybercrime Evolution: From Credit Card Skimming to Zero-Day Exploitation

The XE Group, a cybercrime syndicate with suspected Vietnamese origins, has dramatically evolved its operations from traditional...

Credential Dumping via Active Directory User Comments: Risks and Mitigations

News

Credential Dumping via Active Directory User Comments: Risks and Mitigations

Active Directory (AD) credential dumping remains a significant threat, with attackers increasingly exploiting overlooked attributes like user...

RedLine Stealer Malware: Analyzing the Persistent Data-Theft Threat Targeting Credentials

Malware Analysis

RedLine Stealer Malware: Analyzing the Persistent Data-Theft Threat Targeting Credentials

TrojanSpy.MSIL.REDLINESTEALER.YXBDN represents a sophisticated Windows-based information stealer with demonstrated capabilities in credential harvesting across multiple applications. First...

MFA Push Spray Attacks: How Hackers Exploit Multi-Factor Authentication Fatigue

News

MFA Push Spray Attacks: How Hackers Exploit Multi-Factor Authentication Fatigue

Multi-factor authentication (MFA) is a foundational security control, but attackers are increasingly bypassing it using MFA Push...

New Phishing Tactic Exploits Firebase to Steal Credentials

Threat Intelligence

New Phishing Tactic Exploits Firebase to Steal Credentials

Check Point Research has uncovered a sophisticated phishing campaign leveraging Google Firebase to host fraudulent pages mimicking...

CVE-2025-2609 – MagnusSolution MagnusBilling Cross-Site Scripting Vulnerability

Bug Bounties & Responsible Disclosure
Cyber Laws & Regulations
Exploitation
Malware Analysis
Red-Team
SIEM & Detection Engineering

CVE-2025-2609 – MagnusSolution MagnusBilling Cross-Site Scripting Vulnerability

A critical vulnerability, CVE-2025-2609, has been identified in MagnusSolution’s MagnusBilling software, a widely used billing and call...

Credential Theft

WhatsApp Account Hijacking: Tactics, Detection, and Mitigation

Credential Theft Defense: Detection and Mitigation Strategies

Rise in Credential Theft and Vulnerability Exploitation Dominates Cyber Threats in 2024

Cookie-Bite Attack: Chrome Extension Exploit Bypasses MFA in Azure Entra ID

Malicious npm and PyPI Packages Impersonate Developer Tools to Steal Credentials

Dell Unity Open Redirect Vulnerability (CVE-2025-24381): Risks and Mitigation

10GB of Stolen Login Credentials Reportedly Leaked by Threat Actor

Arcane Stealer Malware Targets Gamers via YouTube and Discord, Steals VPN Credentials

XE Group’s Cybercrime Evolution: From Credit Card Skimming to Zero-Day Exploitation

Credential Dumping via Active Directory User Comments: Risks and Mitigations

RedLine Stealer Malware: Analyzing the Persistent Data-Theft Threat Targeting Credentials

MFA Push Spray Attacks: How Hackers Exploit Multi-Factor Authentication Fatigue

New Phishing Tactic Exploits Firebase to Steal Credentials

CVE-2025-2609 – MagnusSolution MagnusBilling Cross-Site Scripting Vulnerability

You may have missed

OpenAI’s $3 Billion Windsurf Acquisition: Strategic Shift Toward AI-Driven Developer Tools

Apple’s AI Partnership with Alibaba Sparks U.S. National Security Concerns

Meta’s Antitrust Battle: Examining the FTC’s Monopoly Allegations

Procolored Printer Drivers Distributed Malware for Six Months: Technical Analysis and Mitigation