Credential Theft
269 article(s)
🗓 30 Dec 2025 · 👤 LOGICFALCON · 🌍 Asia
A dramatic breach of the EmEditor website turned a trusted text editor into a data-harvesting weapon. Attackers deployed a sophisticated infostealer via tampered installers, targeting credentials, documents, and more. Discover how the attack unfolded, who was at risk, and key lessons for digital defense.
🗓 29 Dec 2025 · 👤 TRUSTBREAKER · 🌍 Europe
A new breed of AI-driven phishing attacks is targeting Microsoft Outlook users, using clever code, Discord webhooks, and phishing-as-a-service tactics to steal credentials in stealthy fashion.
🗓 25 Dec 2025 · 👤 LOGICFALCON · 🌍 Asia
A sophisticated North Korean malware, DriverFixer0428, is exploiting fake job interview scenarios to steal macOS and Chrome credentials. Disguised as a legitimate tool, it employs social engineering and advanced evasion techniques, highlighting the growing threat to Apple users.
🗓 24 Dec 2025 · 👤 TRUSTBREAKER · 🌍 North America
A new MacSync stealer campaign abuses Apple’s own code-signing and notarization process, bypassing Gatekeeper to infect macOS users. Here’s how this alarming tactic works—and what it means for Mac security.
🗓 24 Dec 2025 · 👤 LOGICFALCON · 🌍 North America
The FBI and international partners have seized a domain hosting stolen U.S. bank credentials, disrupting a phishing campaign responsible for millions in losses. Learn how the scheme worked and how to protect yourself.
🗓 24 Dec 2025 · 👤 TRUSTBREAKER
A new wave of cyberattacks uses trusted platforms like GitHub and YouTube to distribute the Webrat malware, targeting gamers and employees with data theft, spying, and blackmail. Learn how attackers exploit open-source communities and what you can do to protect yourself.
🗓 24 Dec 2025 · 👤 LOGICFALCON
WebRAT malware disguises itself as gaming cheats and proof-of-concept code on GitHub, targeting both gamers and corporate users. It steals credentials, spies via webcams, and enables blackmail and swatting, posing a growing risk across the digital landscape.
🗓 24 Dec 2025 · 👤 TRUSTBREAKER · 🌍 Asia
Operation PCPcat exploited major Next.js and React flaws to breach over 59,000 servers, stealing up to 590,000 credentials. Our investigation reveals the campaign's technical details, persistence tactics, and critical defense recommendations.
🗓 23 Dec 2025 · 👤 LOGICFALCON
Hackers are using fake exploit code on GitHub to spread WebRAT malware, targeting cybersecurity researchers and developers. This feature investigates how the campaign works and what makes it so dangerous.
🗓 23 Dec 2025 · 👤 TRUSTBREAKER · 🌍 North America
MacSync Stealer bypassed Apple’s notarization, posing as a legitimate chat app to steal Mac users’ passwords. Discover how this stealthy threat worked and why notarization alone is no longer enough.
